Home

Description

Multiple CSRF attack vectors in JDownloads component 1.0.0-4.0.47 for Joomla were discovered.

PUBLISHED Reserved 2025-08-16 | Published 2025-10-28 | Updated 2025-10-28 | Assigner Joomla

Problem types

CWE-352 Cross-Site Request Forgery (CSRF)

Product status

Default status
unaffected

1.0.0-4.0.47
affected

Credits

Sebastian Jeż finder

References

jdownloads.com/ product

cve.org (CVE-2025-55758)

nvd.nist.gov (CVE-2025-55758)

Download JSON