Description
An improper validation of the search parameter of the com_media files API endpoint leads to a path traversal vulnerability.
Published: 2026-05-26
Score: 5.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The com_media files API endpoint does not adequately validate its search parameter. A request whose search value carries ../ sequences (or their URL-encoded equivalents) can resolve to a location outside the configured media root, so the endpoint returns files it was never meant to serve (CWE-22). The vendor's CVSS 4.0 vector rates confidentiality impact high with no integrity or availability impact: the files disclosed are limited by the web server process's read permissions but can include configuration files, credentials and source code, which is a significant information disclosure.

Affected Systems

The CVE record identifies the product only as Joomla! CMS (CPE cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*) with no version range, so the affected releases cannot be read off this page. Any installation that exposes the com_media webservice endpoint should be treated as potentially affected until the Joomla! security announcement referenced in the CVE title ([20260510]) is checked for the fixed versions. Operators should confirm their Joomla! version against that announcement and verify that access to the com_media webservice is restricted to the accounts that need it.

Risk and Exploitability

The vendor-assigned CVSS 4.0 base score is 5.9 (Medium). Its vector (AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N) requires high privileges and an attack-requirement precondition, so the vendor does not describe this as an unauthenticated attack. NVD's separate CVSS 3.1 assessment scores it 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), which assumes no privileges are needed; the two assessments disagree on the required privilege level and should be reconciled against the vendor advisory when deciding urgency. EPSS is below 1% (very low), the issue is not in the CISA KEV catalog, and the SSVC assessment records no known exploitation, rates it not automatable and gives a partial technical impact. In either reading the attack is an HTTP request to the com_media API whose search parameter carries a traversal sequence, and successful exploitation yields read access to files outside the intended media directory.

Generated by OpenCVE AI on May 26, 2026 at 18:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the Joomla! release that fixes this issue as soon as the vendor publishes it; the CVE record names no fixed version, so confirm it against the Joomla! security announcement ([20260510]).
  • If the com_media webservice is not needed, disable the API endpoint; otherwise restrict it to the accounts that require it through Joomla! permissions and, where feasible, network-level allow-listing of API clients.
  • As an interim control, have the web server or WAF (for example ModSecurity) reject requests to the com_media API whose search value contains traversal sequences. Match on the URL-decoded value: a rule that looks only for the literal ../ misses %2e%2e%2f and double-encoded variants. Treat this as a stopgap until the fix is applied, not as a replacement for it.
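The bug class described in the Impact section and the traversal-pattern filter recommended in the last bullet, as an added example. This is illustrative Python, not Joomla's com_media code and not OpenCVE text: a resolver that joins the search value straight into a path (the vulnerable shape), a hardened resolver that decodes, canonicalises and checks containment, and a naive literal "../" filter of the kind a hurried WAF rule might implement. The media root, function names and sample inputs are all assumptions constructed for the example.

```python
# Added illustration of CWE-22 for CVE-2026-40384; not Joomla's com_media
# implementation. Function names, the media root and the sample inputs are
# constructed for this example.
import os
import tempfile
from pathlib import Path
from typing import Optional
from urllib.parse import unquote


def vulnerable_resolve(media_root: str, search: str) -> str:
    """Vulnerable pattern: user input is joined straight into a path.

    os.path.join() walks upward through '..' without complaint and, worse,
    discards media_root entirely when search is an absolute path.
    """
    return os.path.join(media_root, search)


def naive_filter_blocks(search: str) -> bool:
    """WAF-style check that only looks for the literal '../' in the raw value."""
    return "../" in search


def decode_fully(value: str, max_rounds: int = 3) -> str:
    """Percent-decode until stable so %2e%2e%2f and %252e%252e%252f both
    surface as '../'. Bounded so hostile input cannot keep us decoding."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def hardened_resolve(media_root: str, search: str) -> Optional[Path]:
    """Hardened pattern: decode, canonicalise, then require the result to
    remain under the resolved media root. Returns None on any escape."""
    decoded = decode_fully(search)
    if "\x00" in decoded:  # a NUL can truncate the path in C-backed file APIs
        return None
    root = Path(media_root).resolve()
    # Path.resolve() collapses '..' and follows symlinks, so a symlink that
    # points outside the media tree is also caught by the containment check.
    # An absolute search value replaces root here, exactly as os.path.join
    # would, and is then rejected by relative_to().
    candidate = (root / decoded).resolve()
    try:
        # Component-wise check: '/media/x' is NOT treated as under '/media'
        # just because it shares a string prefix with '/media' + 'x'.
        candidate.relative_to(root)
    except ValueError:
        return None
    return candidate


def verdicts(media_root: str, search: str) -> dict:
    """Run one search value through all three code paths for comparison."""
    return {
        "vulnerable_path": vulnerable_resolve(media_root, search),
        "naive_filter_blocks": naive_filter_blocks(search),
        "hardened_allows": hardened_resolve(media_root, search) is not None,
    }


if __name__ == "__main__":
    # Constructed sample inputs; the media root is a temp dir so this runs anywhere.
    root = tempfile.mkdtemp()
    samples = [
        "images/banner.png",                  # legitimate
        "../../etc/passwd",                   # plain traversal
        "..%2f..%2fetc%2fpasswd",             # URL-encoded slashes bypass the naive filter
        "%252e%252e%252fconfiguration.php",   # double-encoded dots and slash
        "/etc/passwd",                        # absolute path swallows the root
        "configuration.php%00.jpg",           # NUL truncation attempt
    ]
    for s in samples:
        print(f"{s!r:40} {verdicts(root, s)}")
```

The point of the side-by-side run is the middle column: the literal "../" filter passes the encoded and double-encoded variants that the canonicalising resolver rejects, which is why the interim WAF rule should match on the decoded value and why it cannot substitute for the server-side fix.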



Advisories

No advisories yet.

History

Each entry lists the values added to the record at that time; no entry removed any value.

Thu, 28 May 2026 19:15:00 +0000
  • First Time appeared: Joomla joomla\!
  • CPEs: cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*
  • Vendors & Products: Joomla joomla\!
  • Metrics: cvssV3_1 {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

Wed, 27 May 2026 10:30:00 +0000
  • First Time appeared: Joomla; Joomla joomla!
  • Vendors & Products: Joomla; Joomla joomla!

Tue, 26 May 2026 20:15:00 +0000
  • Metrics: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 26 May 2026 17:00:00 +0000
  • Description: An improper validation of the search parameter of the com_media files API endpoint leads to a path traversal vulnerability.
  • Title: Joomla! Core - [20260510] - Path traversal in com_media webservice endpoint
  • Weaknesses: CWE-22
  • References:
  • Metrics: cvssV4_0 {'score': 5.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: Joomla

Published:

Updated: 2026-05-27T09:14:15.239Z

Reserved: 2026-04-12T05:13:31.714Z

Link: CVE-2026-40384

Vulnrichment

Updated: 2026-05-26T19:17:14.848Z

NVD

Status : Analyzed

Published: 2026-05-26T17:16:39.503

Modified: 2026-05-28T19:07:58.320

Link: CVE-2026-40384

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-27T10:04:19Z

Weaknesses
  • CWE-22

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')