CVE-2025-54295 — A Reflected XSS vulnerability in DJ-Reviews component 1.0-1.3.6 for Joomla was d... | CVE Daily

Medium CVSS 5.1

Overview

A Reflected XSS vulnerability in DJ-Reviews component 1.0-1.3.6 for Joomla was discovered.

CWE: CWE-79 Published: 2025-07-23T12:15:28.370

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 5.1 (MEDIUM)
Detected tags: joomla, reflected_xss, xss (tag impact: MODERATE)

Recommended actions:

Sanitize reflected input and apply output encoding.
Apply context-aware output encoding.
Enable Content-Security-Policy and HttpOnly/SameSite cookies.

Recommended tools

Tags