CVE-2025-54295

State: PUBLISHED · Published: 2025-07-23 · Updated: 2025-07-24 · Assigner: Joomla

Description

A Reflected XSS vulnerability in DJ-Reviews component 1.0-1.3.6 for Joomla was discovered.

CWE

CWE-79 — CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected

dj-extensions.com / DJ-Reviews component for Joomla — v=1.0-1.3.6 [affected]

CVSS

4.0 score=5.1 severity=MEDIUM CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

References

Source

cvelistV5-main/cves/2025/54xxx/CVE-2025-54295.json