Description
The Joomla extension ChronoForms is vulnerable to an unauthenticated stored XSS vulnerability.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
| Link | Providers |
|---|---|
| https://www.chronoengine.com/ |
|
History
Fri, 17 Jul 2026 16:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | The Joomla extension ChronoForms is vulnerable to an unauthenticated stored XSS vulnerability. | |
| Title | Joomla Extension - chronoengine.com - Stored XSS in ChronoForms extension for Joomla < 8.0.53 | |
| Weaknesses | CWE-79 | |
| References |
| |
| Metrics |
cvssV4_0
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: Joomla
Published:
Updated: 2026-07-17T16:15:45.737Z
Reserved: 2026-06-29T14:35:29.745Z
Link: CVE-2026-58148
No data.
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')