Security Announcements
This feed provides announcements of resolved security issues in Joomla! software releases.
For more information about the Joomla! Security Strike Team (JSST) and its processes, please review our Security article.
To report potential security issues, please follow the guidelines in the above referenced article. Please note that we are only able to provide support for the Joomla! CMS, Joomla! Framework, and *.joomla.org network of websites.
You can subscribe to notifications from this feed through a RSS reader.
- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions: 3.0.0 - 3.9.24
- Exploit type: Improper Input Validation
- Reported Date: 2020-02-17
- Fixed Date: 2021-03-02
- CVE Number: CVE-2021-23132
Description
com_media allowed paths that are not intended for image uploads.
Affected Installs
Joomla! CMS versions 3.0.0 - 3.9.24
Solution
Upgrade to version 3.9.25
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions: 3.0.0 - 3.9.24
- Exploit type: ACL violation
- Reported Date: 2020-10-25
- Fixed Date: 2021-03-02
- CVE Number: CVE-2021-26027
Description
Incorrect ACL checks could allow unauthorized change of the category for an article.
Affected Installs
Joomla! CMS versions 3.0.0 - 3.9.24
Solution
Upgrade to version 3.9.25
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions: 1.6.0 - 3.9.24
- Exploit type: ACL Violation
- Reported Date: 2021-01-31
- Fixed Date: 2021-03-02
- CVE Number: CVE-2021-26029
Description
Inadequate filtering of form contents could allow to overwrite the author field. The affected core components are com_fields, com_categories, com_banners, com_contact, com_newsfeeds and com_tags.
Affected Installs
Joomla! CMS versions 1.6.0 - 3.9.24
Solution
Upgrade to version 3.9.25
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions:3.1.0 - 3.9.23
- Exploit type: XSS
- Reported Date: 2020-09-01
- Fixed Date: 2021-01-12
- CVE Number: CVE-2021-23125
Description
Lack of escaping of image-related parameters in multiple com_tags views cause lead to XSS attack vectors.
Affected Installs
Joomla! CMS versions 3.1.0 - 3.9.23
Solution
Upgrade to version 3.9.24
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions:3.9.0 - 3.9.23
- Exploit type: XSS
- Reported Date: 2020-09-01
- Fixed Date: 2021-01-12
- CVE Number: CVE-2021-23124
Description
Lack of escaping in mod_breadcrumbs aria-label attribute allows XSS attacks.
Affected Installs
Joomla! CMS versions 3.9.0 - 3.9.23
Solution
Upgrade to version 3.9.24
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions:3.0.0 - 3.9.23
- Exploit type: Incorrect Access Control
- Reported Date: 2020-07-07
- Fixed Date: 2021-01-12
- CVE Number: CVE-2021-23123
Description
Lack of ACL checks in the orderPosition endpoint of com_modules leak names of unpublished and/or inaccessible modules.
Affected Installs
Joomla! CMS versions 3.0.0 - 3.9.23
Solution
Upgrade to version 3.9.24
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: High
- Severity: Low
- Versions:1.7.0 - 3.9.22
- Exploit type: ACL Violation
- Reported Date: 2018-11-04
- Fixed Date: 2020-11-24
- CVE Number: CVE-2020-35616
Description
Lack of input validation while handling ACL rulesets can cause write ACL violations.
Affected Installs
Joomla! CMS versions 1.7.0 - 3.9.22
Solution
Upgrade to version 3.9.23
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 3.9.0-3.9.22
- Exploit type: CSRF
- Reported Date: 2020-10-08
- Fixed Date: 2020-11-24
- CVE Number: CVE-2020-35615
Description
A missing token check in the emailexport feature of com_privacy causes a CSRF vulnerability.
Affected Installs
Joomla! CMS versions 3.9.0 - 3.9.22
Solution
Upgrade to version 3.9.23
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 3.9.0-3.9.22
- Exploit type: User Enumeration
- Reported Date: 2020-08-15
- Fixed Date: 2020-11-24
- CVE Number: CVE-2020-35614
Description
Improper handling of the username leads to a user enumeration attack vector in the backend login page.
Affected Installs
Joomla! CMS versions 3.9.0 - 3.9.22
Solution
Upgrade to version 3.9.23
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: High
- Severity: Low
- Versions: 3.0.0-3.9.22
- Exploit type: SQL Injection
- Reported Date: 2020-10-13
- Fixed Date: 2020-11-24
- CVE Number: CVE-2020-35613
Description
Improper filter blacklist configuration leads to a SQL injection vulnerability in the backend user list.
Affected Installs
Joomla! CMS versions 3.0.0 - 3.9.22
Solution
Upgrade to version 3.9.23
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions: 2.5.0-3.9.22
- Exploit type: Path traversal
- Reported Date: 2020-10-06
- Fixed Date: 2020-11-24
- CVE Number: CVE-2020-35612
Description
The folder parameter of mod_random_image lacked input validation, leading to a path traversal vulnerability.
Affected Installs
Joomla! CMS versions 2.5.0 - 3.9.22
Solution
Upgrade to version 3.9.23
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions: 2.5.0-3.9.22
- Exploit type: Information Disclosure
- Reported Date: 2020-09-23
- Fixed Date: 2020-11-24
- CVE Number: CVE-2020-35611
Description
The globlal configuration page does not remove secrets from the HTML output, disclosing the current values.
Affected Installs
Joomla! CMS versions 2.5.0 - 3.9.22
Solution
Upgrade to version 3.9.23
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions: 2.5.0-3.9.22
- Exploit type: Information Disclosure
- Reported Date: 2020-06-21
- Fixed Date: 2020-11-24
- CVE Number: CVE-2020-35610
Description
The autosuggestion feature of com_finder did not respect the access level of the corresponding terms.
Affected Installs
Joomla! CMS versions 2.5.0 - 3.9.22
Solution
Upgrade to version 3.9.23
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 3.0.0-3.9.20
- Exploit type: Open Redirect
- Reported Date: 2020-July-05
- Fixed Date: 2020-August-25
- CVE Number: CVE-2020-24598
Description
Lack of input validation in com_content leads to an open redirect.
Affected Installs
Joomla! CMS versions 3.0.0 - 3.9.20
Solution
Upgrade to version 3.9.21
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 2.5.0-3.9.20
- Exploit type: Directory Traversal
- Reported Date: 2020-February-02
- Fixed Date: 2020-August-25
- CVE Number: CVE-2020-24597
Description
Lack of input validation allows com_media root paths outside of the webroot.
Affected Installs
Joomla! CMS versions 2.5.0 - 3.9.20
Solution
Upgrade to version 3.9.21
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions: 3.9.0-3.9.20
- Exploit type: XSS
- Reported Date: 2020-August-21
- Fixed Date: 2020-August-25
- CVE Number: CVE-2020-24599
Description
Lack of escaping in mod_latestactions allows XSS attacks.
Affected Installs
Joomla! CMS versions 3.9.0 - 3.9.20
Solution
Upgrade to version 3.9.21
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 3.0.0-3.9.19
- Exploit type: Information Disclosure
- Reported Date: 2020-Jun-17
- Fixed Date: 2020-July-14
- CVE Number: CVE-2020-15698
Description
Inadequate filtering in the system information screen could expose redis or proxy credentials
Affected Installs
Joomla! CMS versions 3.0.0 - 3.9.19
Solution
Upgrade to version 3.9.20
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 3.0.0-3.9.19
- Exploit type: XSS
- Reported Date: 2020-Jun-08
- Fixed Date: 2020-July-14
- CVE Number: CVE-2020-15696
Description
Lack of input filtering and escaping allows XSS attacks in mod_random_image
Affected Installs
Joomla! CMS versions 3.0.0 - 3.9.19
Solution
Upgrade to version 3.9.20
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 3.0.0-3.9.19
- Exploit type: Incorrect Access Control
- Reported Date: 2020-Jun-02
- Fixed Date: 2020-July-14
- CVE Number: CVE-2020-15697
Description
Internal read-only fields in the User table class could be modified by users.
Affected Installs
Joomla! CMS versions 3.9.0 - 3.9.19
Solution
Upgrade to version 3.9.20
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 3.9.0-3.9.19
- Exploit type: CSRF
- Reported Date: 2020-May-07
- Fixed Date: 2020-July-14
- CVE Number: CVE-2020-15695
Description
A missing token check in the remove request section of com_privacy causes a CSRF vulnerability.
Affected Installs
Joomla! CMS versions 3.9.0 - 3.9.19
Solution
Upgrade to version 3.9.20
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions: 2.5.0-3.9.19
- Exploit type: Incorrect Access Control
- Reported Date: 2020-April-04
- Fixed Date: 2020-July-14
- CVE Number: CVE-2020-15699
Description
Missing validation checks at the usergroups table object can result into an broken site configuration.
Affected Installs
Joomla! CMS versions 2.5.0 - 3.9.19
Solution
Upgrade to version 3.9.20
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 3.7.0-3.9.19
- Exploit type: CSRF
- Reported Date: 2020-May-07
- Fixed Date: 2020-July-14
- CVE Number: CVE-2020-XXXXX
Description
A missing token check in the ajax_install endpoint com_installer causes a CSRF vulnerability.
Affected Installs
Joomla! CMS versions 3.7.0 - 3.9.19
Solution
Upgrade to version 3.9.20
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 3.7.0-3.9.18
- Exploit type: CSRF
- Reported Date: 2020-May-08
- Fixed Date: 2020-June-02
- CVE Number: CVE-2020-13760
Description
Missing token checks in com_postinstall cause CSRF vulnerabilities.
Affected Installs
Joomla! CMS versions 3.7.0 - 3.9.18
Solution
Upgrade to version 3.9.19
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Moderate
- Versions: 3.0.0-3.9.18
- Exploit type: XSS
- Reported Date: 2020-April-10
- Fixed Date: 2020-June-02
- CVE Number: CVE-2020-11022 and CVE-2020-11023
Description
The jQuery project released version 3.5.0, and as part of that, disclosed two security vulnerabilities that affect all prior versions. As mentioned in the jQuery blog, both are "[...] security issues in jQuery’s DOM manipulation methods, as in .html(), .append(), and the others."
The Drupal project has backported the relevant fixes back to jQuery 1.x and Joomla has adopted that patch.
Affected Installs
Joomla! CMS versions 3.0.0 - 3.9.18
Solution
Upgrade to version 3.9.19
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions: 3.0.0-3.9.18
- Exploit type: XSS
- Reported Date: 2020-May-06
- Fixed Date: 2020-June-02
- CVE Number: CVE-2020-13762
Description
Incorrect input validation of the module tag option in com_modules allow XSS attacks.
Affected Installs
Joomla! CMS versions 3.0.0 - 3.9.18
Solution
Upgrade to version 3.9.19
Contact
The JSST at the Joomla! Security Centre.