CVE-2026-21630 in Joomla CMS
Summary
Improperly built order clauses lead to a SQL injection vulnerability in the articles webservice endpoint.
Responsible
Joomla
Reservation
01/01/2026
Disclosure
04/01/2026
Entries
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerability | CWE | Exp | Cou | CVE |
|---|---|---|---|---|---|
| 354633 | Joomla CMS Articles Webservice Endpoint sql injection | 89 | Not defined | Not defined | CVE-2026-21630 |