Security Announcements

This feed provides announcements of resolved security issues in Joomla! software releases.

For more information about the Joomla! Security Strike Team (JSST) and its processes, please review our Security article.

To report potential security issues, please follow the guidelines in the above referenced article. Please note that we are only able to provide support for the Joomla! CMS, Joomla! Framework, and *.joomla.org network of websites.

You can subscribe to notifications from this feed through a RSS reader.

Project: Joomla!
SubProject: CMS
Impact: Low
Severity: Low
Probability: Low
Versions: 3.0.0-3.10.16-elts, 4.0.0-4.4.6, 5.0.0-5.1.2
Exploit type: Cache Poisoning
Reported Date: 2024-05-23
Fixed Date: 2024-08-20
CVE Number: CVE-2024-27185

Description

The pagination class includes arbitrary parameters in links, leading to cache poisoning attack vectors.

Affected Installs

Joomla! CMS versions 3.0.0-3.10.16-elts, 4.0.0-4.4.6, 5.0.0-5.1.2

Solution

Upgrade to version 3.10.17-elts, 4.4.7 or 5.1.3

Contact

The JSST at the Joomla! Security Centre.

Reported By: Shane Edwards

Project: Joomla!
SubProject: CMS
Impact: Low
Severity: Low
Probability: Low
Versions: 3.4.6-3.10.16-elts, 4.0.0-4.4.6, 5.0.0-5.1.2
Exploit type: Open redirect
Reported Date: 2024-03-20
Fixed Date: 2024-08-20
CVE Number: CVE-2024-27184

Description

Inadequate validation of URLs could result into an invalid check whether an redirect URL is internal or not.

Affected Installs

Joomla! CMS versions 3.4.6-3.10.16-elts,4.0.0-4.4.6, 5.0.0-5.1.2

Solution

Upgrade to version 3.10.17-elts, 4.4.7 or 5.1.3

Contact

The JSST at the Joomla! Security Centre.

Reported By: Gareth Heyes (PortSwigger Research) & Teodor Ivanov

Project: Joomla!
SubProject: CMS
Impact: Moderate
Severity: Moderate
Probability: Low
Versions: 3.7.0-3.10.15-elts, 4.0.0-4.4.5, 5.0.0-5.1.1
Exploit type: XSS
Reported Date: 2024-06-09
Fixed Date: 2024-07-09
CVE Number: CVE-2024-26278

Description

The Custom Fields component not correctly filter inputs, leading to a XSS vector.

Affected Installs

Joomla! CMS versions 3.7.0-3.10.15-elts, 4.0.0-4.4.5, 5.0.0-5.1.1

Solution

Upgrade to version 3.10.16-elts, 4.4.6 or 5.1.2

Contact

The JSST at the Joomla! Security Centre.

Reported By: Jesper den Boer

Project: Joomla!
SubProject: CMS
Impact: Moderate
Severity: Moderate
Probability: Low
Versions: 3.0.0-3.10.15-elts, 4.0.0-4.4.5, 5.0.0-5.1.1
Exploit type: XSS
Reported Date: 2024-06-08
Fixed Date: 2024-07-09
CVE Number: CVE-2024-26279

Description

The wrapper extensions do not correctly validate inputs, leading to XSS vectors.

Affected Installs

Joomla! CMS versions 3.0.0-3.10.15-elts, 4.0.0-4.4.5, 5.0.0-5.1.1

Solution

Upgrade to version 3.10.16-elts, 4.4.6 or 5.1.2

Contact

The JSST at the Joomla! Security Centre.

Reported By: Jesper den Boer

Project: Joomla!
SubProject: CMS
Impact: Moderate
Severity: Moderate
Probability: Low
Versions: 3.0.0-3.10.15-elts, 4.0.0-4.4.5, 5.0.0-5.1.1
Exploit type: XSS
Reported Date: 2024-06-08
Fixed Date: 2024-07-09
CVE Number: CVE-2024-21731

Description

Improper handling of input could lead to an XSS vector in the StringHelper::truncate method.

Affected Installs

Joomla! CMS versions 3.0.0-3.10.15-elts, 4.0.0-4.4.5, 5.0.0-5.1.1

Solution

Upgrade to version 3.10.16-elts, 4.4.6 or 5.1.2

Contact

The JSST at the Joomla! Security Centre.

Reported By: Jesper den Boer

Project: Joomla!
SubProject: CMS
Impact: Low
Severity: Low
Probability: Low
Versions: 4.0.0-4.4.5, 5.0.0-5.1.1
Exploit type: XSS
Reported Date: 2024-06-03
Fixed Date: 2024-07-09
CVE Number: CVE-2024-21730

Description

The fancyselect list field layout does not correctly escape inputs, leading to a self-XSS vector.

Affected Installs

Joomla! CMS versions 4.0.0-4.4.5, 5.0.0-5.1.1

Solution

Upgrade to version 4.4.6 or 5.1.2

Contact

The JSST at the Joomla! Security Centre.

Reported By: Jesper den Boer

Project: Joomla!
SubProject: CMS
Impact: Moderate
Severity: Moderate
Probability: Moderate
Versions: 4.0.0-4.4.5, 5.0.0-5.1.1
Exploit type: XSS
Reported Date: 2024-02-20
Fixed Date: 2024-07-09
CVE Number: CVE-2024-21729

Description

Inadequate input validation leads to XSS vulnerabilities in the accessiblemedia field.

Affected Installs

Joomla! CMS versions 4.0.0-4.4.5, 5.0.0-5.1.1

Solution

Upgrade to version 4.4.6 or 5.1.2

Contact

The JSST at the Joomla! Security Centre.

Reported By: Marco Kadlubski

Project: Joomla! / Joomla! Framework
SubProject: CMS / filter
Impact: Moderate
Severity: Moderate
Probability: Moderate
Versions: 3.7.0-3.10.14-elts, 4.0.0-4.4.2, 5.0.0-5.0.2
Exploit type: XSS
Reported Date: 2023-11-22
Fixed Date: 2024-02-20
CVE Number: CVE-2024-21726

Description

Inadequate content filtering leads to XSS vulnerabilities in various components.

Affected Installs

Joomla! CMS versions 3.7.0-3.10.14-elts, 4.0.0-4.4.2, 5.0.0-5.0.2

Solution

Upgrade to version 3.10.15-elts, 4.4.3 or 5.0.3

Contact

The JSST at the Joomla! Security Centre.

Project: Joomla!
SubProject: CMS
Impact: Moderate
Severity: High
Probability: High
Versions: 4.0.0-4.4.2, 5.0.0-5.0.2
Exploit type: XSS
Reported Date: 2024-01-30
Fixed Date: 2024-02-20
CVE Number: CVE-2024-21725

Description

Inadequate escaping of mail addresses lead to XSS vulnerabilities in various components.

Affected Installs

Joomla! CMS versions 4.0.0-4.4.2, 5.0.0-5.0.2

Solution

Upgrade to version 4.4.3 or 5.0.3

Contact

The JSST at the Joomla! Security Centre.

Project: Joomla!
SubProject: CMS
Impact: Moderate
Severity: Moderate
Probability: Moderate
Versions: 1.6.0-3.10.14-elts, 4.0.0-4.4.2, 5.0.0-5.0.2
Exploit type: XSS
Reported Date: 2024-01-09
Fixed Date: 2024-02-20
CVE Number: CVE-2024-21724

Description

Inadequate input validation for media selection fields lead to XSS vulnerabilities in various extensions.

Affected Installs

Joomla! CMS versions 1.6.0 - 3.10.14-elts, 4.0.0-4.4.2, 5.0.0-5.0.2

Solution

Upgrade to version 3.10.15-elts, 4.4.3 or 5.0.3

Contact

The JSST at the Joomla! Security Centre.

Page 2 of 28