PT-2025-25253 · Joomla · Media Gallery

Kamil Szczurowski +1 · Published 2025-06-11 · Updated 2025-06-12 · CVE-2025-32466

CVSS v4.0: 6.7 Medium
Vector: AV:N/AC:L/AT:N/PR:H/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/S:N/AU:N/RE:L/U:Clear

Name of the Vulnerable Software and Affected Versions: RSMediaGallery! component versions 1.7.4 through 2.1.7

Description: A SQL injection issue was discovered in the dashboard component of the RSMediaGallery! component for Joomla. The problem arises because user-supplied input is not properly sanitized before being stored and rendered. This allows an attacker to inject malicious code into text fields or other input points, which is then executed in the browser of any user who interacts with the crafted text in the dashboard.

Recommendations: For versions 1.7.4 through 2.1.7, update to a version that includes the fix for this issue to prevent SQL injection attacks. As a temporary workaround, consider restricting access to the dashboard component to minimize the risk of exploitation.

Fix

SQL injection

Weakness Enumeration

Related Identifiers: CVE-2025-32466

Affected Products: Media Gallery