EIP-2026-108908
PRE-CVEJoomla! Extension UIajaxIM 1.1 - JavaScript Execution
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-108908. PoCs published by 599eme Man.
AI-analyzed exploit summary This is a technical writeup describing a stored XSS vulnerability in Joomla Extension UIajaxIM 1.1. The vulnerability allows JavaScript execution by injecting malicious scripts into chat inputs, affecting both channel and private messages.
Description
Joomla! Extension UIajaxIM 1.1 - JavaScript Execution
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by 599eme Man · textwebappsphp
https://www.exploit-db.com/exploits/9244
This is a technical writeup describing a stored XSS vulnerability in Joomla Extension UIajaxIM 1.1. The vulnerability allows JavaScript execution by injecting malicious scripts into chat inputs, affecting both channel and private messages.
Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:
Joomla Extension UIajaxIM 1.1
Auth required
Prerequisites:
User registration and authentication on the target Joomla site · Access to the UIajaxIM chat interface
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026