CVE-2025-22208

Published Feb 15, 2025

Last updated 2 days ago

CVSS medium 4.7

Overview

Description
A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.3 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands via the 'filter_email' parameter in the GDPR Erase Data Request search feature.
Source
security@joomla.org
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
4.7
Impact score
3.4
Exploitability score
1.2
Vector string
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Severity
MEDIUM

Weaknesses

security@joomla.org
CWE-89

Social media

Hype score
Not currently trending

  1. A SQL injection vulnerability (CVE-2025-22208) in the JS Jobs plugin for Joomla versions 1.1.5-1.4.3 enables authenticated attackers to execute arbitrary SQL commands via the 'filter_email' parameter in the GDPR Erase Da...

    @LunarChainCo

    15 Feb 2025

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-22208 A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.3 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands v… https://t.co/zmo6sZtiCg

    @CVEnew

    15 Feb 2025

    449 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References