CVE-2025-54297 — A stored XSS vulnerability in CComment component 5.0.0-6.1.14 for Joomla was dis... | CVE Daily

High CVSS 7.0

Overview

A stored XSS vulnerability in CComment component 5.0.0-6.1.14 for Joomla was discovered.

CWE: CWE-79 Published: 2025-07-23T12:15:28.683

Risk analysis

This vulnerability is rated 🟠 HIGH.

CVSS: 7.0 (HIGH)
Detected tags: joomla, stored_xss, xss (tag impact: MODERATE)

Recommended actions:

Sanitize stored input and enforce CSP.
Apply context-aware output encoding.
Enable Content-Security-Policy and HttpOnly/SameSite cookies.

Recommended tools

Tags