CVE-2025-50056
Description
A reflected XSS vulnerability in RSMail! component 1.19.20 - 1.22.26 28 Joomla was discovered. The issue allows remote attackers to inject arbitrary web script or HTML via the crafted parameter.
CWE
- CWE-79 — CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Affected
- rsjoomla.com / RSMail! component for Joomla — v=1.19.20-1.22.28 [affected]
CVSS
- 4.0 score=5.1 severity=MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
References
- https://rsjoomla.com/ product
Source
cvelistV5-main/cves/2025/50xxx/CVE-2025-50056.json