PatchSiren

chronoengine.com CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH chronoengine.com CVE published 2026-07-17

CVE-2026-58148

CVE-2026-58148 is an unauthenticated stored XSS vulnerability in Joomla ChronoForms, a popular extension for Joomla. The vulnerability has a CVSS score of 8.7 and is considered HIGH severity. The CVE record was published on 2026-07-17T16:17:15.897Z and was last modified on 2026-07-17T18:04:04.083Z. The vulnerability allows an attacker to inject malicious code into the application, which can then be execut [truncated]