CVE-2026-60025
Description
The Joomla extension Events Booking prior version 5.8.0 had an frontend file upload endpoint that lacked CSRF protection.
Metadata
Severity & Metrics
No CVSS data available.
Affected products (1)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| joomdonation.com | Events Booking extension for Joomla | — | 1.0-5.8.0 |
Weakness (CWE)
| CWE | Source | Description |
|---|---|---|
| CWE-352 | cna | CWE-352 Cross-Site Request Forgery (CSRF) |
References (1)