๐Ÿ” CVE Alert

CVE-2026-23900

MEDIUM 6.5

Extension - phoca.cz - Stored XSS vectors in Phoca Maps component 5.0.0 - 6.0.2 for Joomla

CVSS Score
6.5
EPSS Score
0.0%
EPSS Percentile
8th

Various stored XSS vulnerabilities in the maps- and icon rendering logic in Phoca Maps component 5.0.0-6.0.2 have been discovered.

CWE CWE-79
Vendor phoca.cz
Product phoca.cz - phoca maps for joomla
Published Apr 11, 2026
Last Updated Apr 14, 2026
Stay Ahead of the Next One

Get instant alerts for phoca.cz phoca.cz - phoca maps for joomla

Be the first to know when new medium vulnerabilities affecting phoca.cz phoca.cz - phoca maps for joomla are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

phoca.cz / phoca.cz - Phoca Maps for Joomla
5.0.0-6.0.2

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
phoca.cz: https://phoca.cz/

Credits

Felipe Monteiro Leandro Vallim