News Feed Category

Joomla! Security News

    • Project: Joomla!
    • SubProject: CMS
    • Impact: Low
    • Severity: Low
    • Versions: 3.0.0-3.9.20
    • Exploit type: Open Redirect
    • Reported Date: 2020-July-05
    • Fixed Date: 2020-August-25
    • CVE Number: CVE-2020-24598

    Description

    Lack of input validation in com_content leads to an open redirect.

    Affected Installs

    Joomla! CMS versions 3.0.0 - 3.9.20

    Solution

    Upgrade to version 3.9.21

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By: Ahmad Kamaran Jamil
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Low
    • Severity: Low
    • Versions: 2.5.0-3.9.20
    • Exploit type: Directory Traversal
    • Reported Date: 2020-February-02
    • Fixed Date: 2020-August-25
    • CVE Number: CVE-2020-24597

    Description

    Lack of input validation allows com_media root paths outside of the webroot.

    Affected Installs

    Joomla! CMS versions 2.5.0 - 3.9.20

    Solution

    Upgrade to version 3.9.21

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By: Hoang Kien from VSEC
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Moderate
    • Severity: Low
    • Versions: 3.9.0-3.9.20
    • Exploit type: XSS
    • Reported Date: 2020-August-21
    • Fixed Date: 2020-August-25
    • CVE Number: CVE-2020-24599

    Description

    Lack of escaping in mod_latestactions allows XSS attacks.

    Affected Installs

    Joomla! CMS versions 3.9.0 - 3.9.20

    Solution

    Upgrade to version 3.9.21

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By: Peter Martin
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Low
    • Severity: Low
    • Versions: 3.0.0-3.9.19
    • Exploit type: Information Disclosure
    • Reported Date: 2020-Jun-17
    • Fixed Date: 2020-July-14
    • CVE Number: CVE-2020-15698

    Description

    Inadequate filtering in the system information screen could expose redis or proxy credentials

    Affected Installs

    Joomla! CMS versions 3.0.0 - 3.9.19

    Solution

    Upgrade to version 3.9.20

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By: Phil Taylor
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Low
    • Severity: Low
    • Versions: 3.0.0-3.9.19
    • Exploit type: XSS
    • Reported Date: 2020-Jun-08
    • Fixed Date: 2020-July-14
    • CVE Number: CVE-2020-15696

    Description

    Lack of input filtering and escaping allows XSS attacks in mod_random_image

    Affected Installs

    Joomla! CMS versions 3.0.0 - 3.9.19

    Solution

    Upgrade to version 3.9.20

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By: Phil Taylor

About AT Tax

Ball tip biltong pork belly frankfurter shankle jerky leberkas pig kielbasa kay boudin alcatra short loin.

Jowl salami leberkas turkey pork brisket meatball turduc.

Get In Touch

Address: 262 Milacina Mrest.

Phone: +84 3333 6789.

Tax: +04 3333 6789.

Email: support@yoursiteurl.com

Website: www.yoursiteurl.com

Chinese traditional English Japanese Korean Spanish

Join Our Community

Sign up to receive email for the latest information.
© 2017 Your Company. All Rights Reserved. Designed By Age Themes

Search