CVE-2025-22204

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Feb 4, 2025

CWE ID 94

Summary

CVE-2025-22204 is a remote code execution vulnerability affecting Joomla versions prior to 11.0.0. The issue lies in the sourcerer extension, which fails to adequately control the code generation process. An attacker can exploit this flaw to inject and execute malicious code remotely, potentially leading to significant security risks. It is recommended that users update their Joomla installations to the latest version as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2FI0vj
https://www.cve.org/CVERecord?id=CVE-2025-22204
https://nvd.nist.gov/vuln/detail/CVE-2025-22204

Back to Vulnerability Database

CVE-2025-22204

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations