A vulnerability was found in Joomla! Project Joomla! CMS. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component MFA Management Views. The manipulation results in cross site scripting.

This vulnerability is reported as CVE-2026-48949. The attack can be launched remotely. No exploit exists.