COSMOS INTELLIGENCE SYSTEM·NVD SYNC: IDLE·KEV: 0 ENTRIES·RATE: 0/HR0%

·LAST SYNC: 10:36:08 PM NPT

./cosmos

Intelligence News Scholarships Blog Resources Events Certificates Arsenal Tools About

LIVE

// cve detail

./cosmos

Cybersecurity intelligence, research, and operational infrastructure.

Platform

Home
Intelligence
News
Digest
Scholarships
Blog
Resources
Events
Certificates
Arsenal
Tools
About

Connect

GitHub
LinkedIn
Email

COSMOS INTELLIGENCE SYSTEM·NVD SYNC: IDLE·KEV: 0 ENTRIES·RATE: 0/HR0%

·LAST SYNC: 10:36:08 PM NPT

./cosmos

Intelligence News Scholarships Blog Resources Events Certificates Arsenal Tools About

LIVE

// intelligence feed

./cosmos

Cybersecurity intelligence, research, and operational infrastructure.

Platform

Home
Intelligence
News
Digest
Scholarships
Blog
Resources
Events
Certificates
Arsenal
Tools
About

Connect

GitHub
LinkedIn
Email

COSMOS INTELLIGENCE SYSTEM·NVD SYNC: IDLE·KEV: 0 ENTRIES·RATE: 0/HR0%

·LAST SYNC: 10:36:08 PM NPT

./cosmos

Intelligence News Scholarships Blog Resources Events Certificates Arsenal Tools About

LIVE

// cve detail

./cosmos

Cybersecurity intelligence, research, and operational infrastructure.

Platform

Home
Intelligence
News
Digest
Scholarships
Blog
Resources
Events
Certificates
Arsenal
Tools
About

Connect

GitHub
LinkedIn
Email

CVE-2026-48942 | COSMOS

COSMOS INTELLIGENCE SYSTEM·NVD SYNC: IDLE·KEV: 0 ENTRIES·RATE: 0/HR0%

·LAST SYNC: 10:36:09 PM NPT

./cosmos

Intelligence News Scholarships Blog Resources Events Certificates Arsenal Tools About

LIVE

All intelligence

// vulnerability record

cached · NVD via COSMOS sync

CVE-2026-48942

MEDIUM

published 2026-06-25 16:16 UTC · 3 days ago · modified 2026-06-26 17:44 UTC

6.1

CVSS / 10

// description

K2 ≤ 2.26 renders the `#__k2_users.image` column directly into HTML `src` attributes via two distinct templates, in both cases without HTML escaping.

// cvss 3.1 vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

// weaknesses (CWE)

CWE-79

// references (1)

https://www.getk2.org/

NVD detail

./cosmos

Cybersecurity intelligence, research, and operational infrastructure.

Platform

Home
Intelligence
News
Digest
Scholarships
Blog
Resources

Connect

GitHub
LinkedIn
Email