PT-2026-58891 · Joomla · 4Analytics
Yannick Gaultier
·
Published
2026-07-15
·
Updated
2026-07-15
·
CVE-2026-57833
CVSS v4.0
8.6
High
| Vector | AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
4Analytics (affected versions not specified)
Description
The Joomla extension 4Analytics contains a stored Cross-Site Scripting (XSS) flaw—a vulnerability where malicious scripts are permanently stored on the target server—associated with the AI analysis feature. This issue can be triggered by an unauthenticated user.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
4Analytics