Description
The Joomla extension Events Booking prior version 5.8.0 had an frontend file upload endpoint that lacked CSRF protection.
Published:
2026-07-17
Score:
n/a
EPSS:
n/a
KEV:
No
Impact:
n/a
Action:
n/a
Analysis and contextual insights are available on OpenCVE Cloud.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
Fri, 17 Jul 2026 16:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | The Joomla extension Events Booking prior version 5.8.0 had an frontend file upload endpoint that lacked CSRF protection. | |
| Title | Joomla Extension - joomdonation.com - User enumeration in Events Booking < 5.8.0 | |
| Weaknesses | CWE-352 | |
| References |
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: Joomla
Published:
Updated: 2026-07-17T15:44:32.443Z
Reserved: 2026-07-08T05:31:35.889Z
Link: CVE-2026-60025
No data.
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses