CVE-2026-35221

Description

Improperly built filter clauses lead to a SQL injection vulnerability in the search query for com_finder.

References

• https://developer.joomla.org/security-centre/1038-20260506-core-authenticated-blind-sqli-in-com-finder.html