PT-2026-58891 · Joomla · 4Analytics

Yannick Gaultier

·

Published

2026-07-15

·

Updated

2026-07-15

·

CVE-2026-57833

CVSS v4.0

8.6

High

VectorAV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions 4Analytics (affected versions not specified)
Description The Joomla extension 4Analytics contains a stored Cross-Site Scripting (XSS) flaw—a vulnerability where malicious scripts are permanently stored on the target server—associated with the AI analysis feature. This issue can be triggered by an unauthenticated user.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-57833

Affected Products

4Analytics