CVE-2025-2127 – JoomlaUX JUX Real Estate Cross Site Scripting Vulnerability

March 9, 2025
9:16 pm

CVE ID : CVE-2025-2127

Published : March 9, 2025, 6:15 p.m. | 2 hours, 14 minutes ago

Description : A vulnerability was found in JoomlaUX JUX Real Estate 3.4.0 on Joomla. It has been classified as problematic. Affected is an unknown function of the file /extensions/realestate/index.php/properties/list/list-with-sidebar/realties. The manipulation of the argument Itemid/jp_yearbuilt leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-2127 – JoomlaUX JUX Real Estate Cross Site Scripting Vulnerability

Elvescore.io

Recent Posts

CVE-2025-2129 – Mage AI Insecure Default Initialization of Resource Remote Vulnerability

CVE-2025-26204 – Lua Debug Library Out-of-Bounds Read

CVE-2025-26205 – Lua Debug Library Out-of-Bounds Read

CVE-2025-2130 – A vulnerability was found in OpenXE up to 1.12. It