⚠️ THIS IS A VULNERABLE LAB — YOU ARE ALLOWED TO HACK IT Learn more
feeds.feedburner.com • 2026-06-17 05:50

CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution

thumb
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026-48907 (CVSS score: 10.0), is a case of improper access control that could facilitate arbitrary
Read original