CVE-2026-21625

EUVD-2026-2937
User provided uploads to the Easy Discuss component for Joomla aren't properly validated. Uploads are purely checked by file extensions, no mime type checks are happening.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 5%
Affected Products (NVD)
VendorProductVersion
stackideaseasydiscuss
1.0.0 ≤
𝑥
≤ 5.0.15
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://stackideas.com/easydiscuss