XSS in Chronoengine.com Chronoforms Extension For Joomla

CVE-2026-58148

The Joomla extension ChronoForms is vulnerable to an unauthenticated stored XSS vulnerability.

Vulnerability class: XSS (Cross-Site Scripting)

Affected products

Weakness classification (CWE)

References