Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

CMS

Joomla

Joomla is an award-winning content management system (CMS) which enables you to build Web sites and powerful online applications. Many aspects including its ease-of-use and extensibility have made Joomla the most popular Web site software available. Best of all Joomla is an open source solution that is freely available to everyone.

Official Site:

https://www.joomla.org/

Severity Summary:

Critical: 62 High: 157 Medium: 416 Low: 10 Information: 16
Reference
Title
Severity
CVE-2026-21632
Joomla Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2025-63082
Joomla Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2025-63083
Joomla Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2024-21722
Joomla Insufficient Session Expiration Vulnerability
Medium
CVE-2024-21723
Joomla URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Medium
CVE-2024-21725
Joomla Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2024-21726
Joomla Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2024-27184
Joomla URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Medium
CVE-2024-27186
Joomla Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2024-40743
Joomla Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2024-40747
Joomla Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2024-21729
Joomla Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-26037
Joomla Core Security Bypass
Medium
CVE-2023-23751
Joomla Incorrect Authorization Vulnerability
Medium
CVE-2024-26279
Joomla Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-23750
Joomla Cross-Site Request Forgery (CSRF) Vulnerability
Medium
CVE-2024-21730
Joomla Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2024-21731
Joomla Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2024-26278
Joomla Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2005-4650
Joomla Allocation of Resources Without Limits or Throttling Vulnerability
Medium
CVE-2023-23754
Joomla URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Medium
CVE-2022-23796
Joomla Core 3.x.x Cross-Site Scripting
Medium
CVE-2022-27911
Joomla Core 4.2.0 Information Disclosure
Medium
CVE-2022-27914
Joomla Core 4.x.x Cross-Site Scripting
Medium
CVE-2021-26039
Joomla Core 3.x.x Cross-Site Scripting
Medium
CVE-2021-26038
Joomla Core Security Bypass
Medium
CVE-2020-15700
Joomla Core 3.x.x Cross-Site Request Forgery
Medium
CVE-2020-13762
Joomla Core 3.x.x Cross-Site Scripting
Medium
CVE-2018-6380
Joomla Core 3.x.x Cross-Site Scripting
Medium
CVE-2018-15882
Joomla Core Multiple Vulnerabilities
Medium