Skip to main content

Phoca Cz Phoca Maps For Joomla

1 CVEs product

Monthly

CVE-2026-23900 MEDIUM This Month

Stored XSS vulnerabilities in Phoca Maps for Joomla 5.0.0-6.0.2 allow unauthenticated remote attackers to inject and execute arbitrary JavaScript in map and icon rendering logic, potentially compromising user sessions and stealing sensitive data. CVSS 6.5 reflects network accessibility and information disclosure risk, though EPSS (0.03%) suggests low current exploitation likelihood. The vulnerability requires no authentication or user interaction to inject payloads, but stored nature means victims are affected upon viewing contaminated maps.

XSS Phoca Cz Phoca Maps For Joomla
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
EPSS 0% CVSS 6.5
MEDIUM This Month

Stored XSS vulnerabilities in Phoca Maps for Joomla 5.0.0-6.0.2 allow unauthenticated remote attackers to inject and execute arbitrary JavaScript in map and icon rendering logic, potentially compromising user sessions and stealing sensitive data. CVSS 6.5 reflects network accessibility and information disclosure risk, though EPSS (0.03%) suggests low current exploitation likelihood. The vulnerability requires no authentication or user interaction to inject payloads, but stored nature means victims are affected upon viewing contaminated maps.

XSS Phoca Cz Phoca Maps For Joomla
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy