CVE-2026-48942 Blast Radius

MEDIUM • CVSS 6.1K2 ≤ 2.26 renders the `#__k2_users.image` column directly into HTML `src` attributes via two distinct templates, in both cases without HTML escaping.

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2026-48942.