Joomla

[20200706] - Core - System Information screen could expose redis or proxy credentials

3 weeks 5 days ago
  • Project: Joomla!
  • SubProject: CMS
  • Impact: Low
  • Severity: Low
  • Versions: 3.0.0-3.9.19
  • Exploit type: Information Disclosure
  • Reported Date: 2020-Jun-17
  • Fixed Date: 2020-July-14
  • CVE Number: CVE-2020-15698
Description

Inadequate filtering in the system information screen could expose redis or proxy credentials

Affected Installs

Joomla! CMS versions 3.0.0 - 3.9.19

Solution

Upgrade to version 3.9.20

Contact

The JSST at the Joomla! Security Centre.

Reported By: Phil Taylor
Joomla! Security Strike Team

[20200705] - Core - Escape mod_random_image link

3 weeks 5 days ago
  • Project: Joomla!
  • SubProject: CMS
  • Impact: Low
  • Severity: Low
  • Versions: 3.0.0-3.9.19
  • Exploit type: XSS
  • Reported Date: 2020-Jun-08
  • Fixed Date: 2020-July-14
  • CVE Number: CVE-2020-15696
Description

Lack of input filtering and escaping allows XSS attacks in mod_random_image

Affected Installs

Joomla! CMS versions 3.0.0 - 3.9.19

Solution

Upgrade to version 3.9.20

Contact

The JSST at the Joomla! Security Centre.

Reported By: Phil Taylor
Joomla! Security Strike Team

[20200704] - Core - Variable tampering via user table class

3 weeks 5 days ago
  • Project: Joomla!
  • SubProject: CMS
  • Impact: Low
  • Severity: Low
  • Versions: 3.0.0-3.9.19
  • Exploit type: Incorrect Access Control
  • Reported Date: 2020-Jun-02
  • Fixed Date: 2020-July-14
  • CVE Number: CVE-2020-15697
Description

Internal read-only fields in the User table class could be modified by users.

Affected Installs

Joomla! CMS versions 3.9.0 - 3.9.19

Solution

Upgrade to version 3.9.20

Contact

The JSST at the Joomla! Security Centre.

Reported By: Phil Taylor
Joomla! Security Strike Team

[20200703] - Core - CSRF in com_privacy remove-request feature

3 weeks 5 days ago
  • Project: Joomla!
  • SubProject: CMS
  • Impact: Low
  • Severity: Low
  • Versions: 3.9.0-3.9.19
  • Exploit type: CSRF
  • Reported Date: 2020-May-07
  • Fixed Date: 2020-July-14
  • CVE Number: CVE-2020-15695
Description

A missing token check in the remove request section of com_privacy causes a CSRF vulnerability.

Affected Installs

Joomla! CMS versions 3.9.0 - 3.9.19

Solution

Upgrade to version 3.9.20

Contact

The JSST at the Joomla! Security Centre.

Reported By: Bui Duc Anh Khoa from Viettel Cyber Security
Joomla! Security Strike Team

[20200702] - Core - Missing checks can lead to a broken usergroups table record

3 weeks 5 days ago
  • Project: Joomla!
  • SubProject: CMS
  • Impact: Moderate
  • Severity: Low
  • Versions: 2.5.0-3.9.19
  • Exploit type: Incorrect Access Control
  • Reported Date: 2020-April-04
  • Fixed Date: 2020-July-14
  • CVE Number: CVE-2020-15699
Description

Missing validation checks at the usergroups table object can result into an broken site configuration.

Affected Installs

Joomla! CMS versions 2.5.0 - 3.9.19

Solution

Upgrade to version 3.9.20

Contact

The JSST at the Joomla! Security Centre.

Reported By: Hoang Kien from VSEC
Joomla! Security Strike Team

[20200701] - Core - CSRF in com_installer ajax_install endpoint

3 weeks 5 days ago
  • Project: Joomla!
  • SubProject: CMS
  • Impact: Low
  • Severity: Low
  • Versions: 3.7.0-3.9.19
  • Exploit type: CSRF
  • Reported Date: 2020-May-07
  • Fixed Date: 2020-July-14
  • CVE Number: CVE-2020-XXXXX
Description

A missing token check in the ajax_install endpoint com_installer causes a CSRF vulnerability.

Affected Installs

Joomla! CMS versions 3.7.0 - 3.9.19

Solution

Upgrade to version 3.9.20

Contact

The JSST at the Joomla! Security Centre.

Reported By: Bui Duc Anh Khoa from Viettel Cyber Security
Joomla! Security Strike Team

[20200605] - Core - CSRF in com_postinstall

2 months 1 week ago
  • Project: Joomla!
  • SubProject: CMS
  • Impact: Low
  • Severity: Low
  • Versions: 3.7.0-3.9.18
  • Exploit type: CSRF
  • Reported Date: 2020-May-08
  • Fixed Date: 2020-June-02
  • CVE Number: CVE-2020-13760
Description

Missing token checks in com_postinstall cause CSRF vulnerabilities.

Affected Installs

Joomla! CMS versions 3.7.0 - 3.9.18

Solution

Upgrade to version 3.9.19

Contact

The JSST at the Joomla! Security Centre.

Reported By: Bui Duc Anh Khoa from Viettel Cyber Security
Joomla! Security Strike Team

[20200604] - Core - XSS in jQuery.htmlPrefilter

2 months 1 week ago
  • Project: Joomla!
  • SubProject: CMS
  • Impact: Low
  • Severity: Moderate
  • Versions: 3.0.0-3.9.18
  • Exploit type: XSS
  • Reported Date: 2020-April-10
  • Fixed Date: 2020-June-02
  • CVE Number: CVE-2020-11022 and CVE-2020-11023
Description

The jQuery project released version 3.5.0, and as part of that, disclosed two security vulnerabilities that affect all prior versions. As mentioned in the jQuery blog, both are "[...] security issues in jQuery’s DOM manipulation methods, as in .html(), .append(), and the others."

The Drupal project has backported the relevant fixes back to jQuery 1.x and Joomla has adopted that patch.

Affected Installs

Joomla! CMS versions 3.0.0 - 3.9.18

Solution

Upgrade to version 3.9.19

Contact

The JSST at the Joomla! Security Centre.

Reported By: David Jardin, JSST
Joomla! Security Strike Team

[20200603] - Core - XSS in com_modules tag options

2 months 1 week ago
  • Project: Joomla!
  • SubProject: CMS
  • Impact: Moderate
  • Severity: Low
  • Versions: 3.0.0-3.9.18
  • Exploit type: XSS
  • Reported Date: 2020-May-06
  • Fixed Date: 2020-June-02
  • CVE Number: CVE-2020-13762
Description

Incorrect input validation of the module tag option in com_modules allow XSS attacks.

Affected Installs

Joomla! CMS versions 3.0.0 - 3.9.18

Solution

Upgrade to version 3.9.19

Contact

The JSST at the Joomla! Security Centre.

Reported By: Bui Duc Anh Khoa from Viettel Cyber Security
Joomla! Security Strike Team

[20200602] - Core - Inconsistent default textfilter settings

2 months 1 week ago
  • Project: Joomla!
  • SubProject: CMS
  • Impact: Low
  • Severity: Low
  • Versions: 2.5.0-3.9.18
  • Exploit type: Insecure Permissions
  • Reported Date: 2020-April-23
  • Fixed Date: 2020-June-02
  • CVE Number: CVE-2020-13763
Description

The default settings of the global "textfilter" configuration doesn't block HTML inputs for 'Guest' users. With 3.9.19, the textfilter for new installations has been set to 'No HTML' for the groups 'Public', 'Guest' and 'Registered'.

Affected Installs

Joomla! CMS versions 2.5.0 - 3.9.18

Solution

Upgrade to version 3.9.19

Contact

The JSST at the Joomla! Security Centre.

Reported By: Brian Teeman
Joomla! Security Strike Team

[20200601] - Core - XSS in modules heading tag option

2 months 1 week ago
  • Project: Joomla!
  • SubProject: CMS
  • Impact: Moderate
  • Severity: Low
  • Versions: 3.0.0-3.9.18
  • Exploit type: XSS
  • Reported Date: 2020-May-06
  • Fixed Date: 2020-June-02
  • CVE Number: CVE-2020-13761
Description

Lack of input validation in the heading tag option of the "Articles – Newsflash" and "Articles - Categories" modules allow XSS attacks.

Affected Installs

Joomla! CMS versions 3.0.0 - 3.9.18

Solution

Upgrade to version 3.9.19

Contact

The JSST at the Joomla! Security Centre.

Reported By: Bui Duc Anh Khoa from Viettel Cyber Security
Joomla! Security Strike Team

[20200403] - Core - Incorrect access control in com_users access level deletion function

3 months 2 weeks ago
  • Project: Joomla!
  • SubProject: CMS
  • Impact: Moderate
  • Severity: Low
  • Versions: 2.5.0 - 3.9.16
  • Exploit type: Incorrect Access Control
  • Reported Date: 2020-March-13
  • Fixed Date: 2020-April-21
  • CVE Number: CVE-2020-11889
Description

Incorrect ACL checks in the access level section of com_users allow the unauthorized deletion of usergroups.

Affected Installs

Joomla! CMS versions 2.5.0 - 3.9.16

Solution

Upgrade to version 3.9.17

Contact

The JSST at the Joomla! Security Centre.

Reported By: Hoang Kien from VSEC
Joomla! Security Strike Team

[20200402] - Core - Missing checks for the root usergroup in usergroup table

3 months 2 weeks ago
  • Project: Joomla!
  • SubProject: CMS
  • Impact: Moderate
  • Severity: Low
  • Versions: 2.5.0 - 3.9.16
  • Exploit type: Incorrect Access Control
  • Reported Date: 2020-February-27
  • Fixed Date: 2020-April-21
  • CVE Number: CVE-2020-11890
Description

Inproper input validations in the usergroup table class could lead to a broken ACL configuration.

Affected Installs

Joomla! CMS versions 2.5.0 - 3.9.16

Solution

Upgrade to version 3.9.17

Contact

The JSST at the Joomla! Security Centre.

Reported By: Hoang Kien from VSEC
Joomla! Security Strike Team

[20200401] - Core - Incorrect access control in com_users access level editing function

3 months 2 weeks ago
  • Project: Joomla!
  • SubProject: CMS
  • Impact: Low
  • Severity: Low
  • Versions: 3.8.8 - 3.9.16
  • Exploit type: Incorrect Access Control
  • Reported Date: 2020-March-13
  • Fixed Date: 2020-April-21
  • CVE Number: CVE-2020-11891
Description

Incorrect ACL checks in the access level section of com_users allow the unauthorized editing of usergroups.

Affected Installs

Joomla! CMS versions 3.8.8 - 3.9.16

Solution

Upgrade to version 3.9.17

Contact

The JSST at the Joomla! Security Centre.

Reported By: Hoang Kien from VSEC
Joomla! Security Strike Team
Checked
24 minutes 16 seconds ago
Subscribe to Joomla feed
Categrory