CVE-2026-21625
HIGH WAF: Medium
CVSS 8.8
Published: 2026-01-16
CWE-434
User provided uploads to the Easy Discuss component for Joomla aren't properly validated. Uploads are purely checked by file extensions, no mime type checks are happening.
WAF Coverage Analysis
Unrestricted File Upload
Medium WAF Coverage
OWASP: A04:2021 Insecure Design
930xxx - Local File Inclusion
Affected Software
| Vendor | Product | Version |
|---|---|---|
| stackideas | easydiscuss | 1.0.0 - 5.0.15 |
References
- stackideas.com (Third Party Advisory)