CyberRota
← Ana sayfaya dön

CVE-2026-48940

LOW · CVSS 3.4 EPSS %0.17

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-25T16:16:36.410 · Çekilme zamanı: 2026-06-30T18:33:56.556449+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2026-48940
Severity
LOW
CVSS
3.4
EPSS
%0.17

Orijinal NVD Açıklaması

A Joomla user with K2 "create item" rights (Author tier by default) can submit an article whose `embedVideo` POST field contains a raw `<script>` tag; K2 stores it verbatim and renders it unescaped to any visitor of the article page.