This feed provides announcements of resolved security issues in Joomla! software releases.
For more information about the Joomla! Security Strike Team (JSST) and its processes, please review our Security article.
To report potential security issues, please follow the guidelines in the above referenced article. Please note that we are only able to provide support for the Joomla! CMS, Joomla! Framework, and *.joomla.org network of websites.
You can subscribe to notifications from this feed through a RSS reader.
com_media allowed paths that are not intended for image uploads.
Joomla! CMS versions 3.0.0 - 3.9.24
Upgrade to version 3.9.25
The JSST at the Joomla! Security Centre.
Incorrect ACL checks could allow unauthorized change of the category for an article.
Joomla! CMS versions 3.0.0 - 3.9.24
Upgrade to version 3.9.25
The JSST at the Joomla! Security Centre.
Inadequate filtering of form contents could allow to overwrite the author field. The affected core components are com_fields, com_categories, com_banners, com_contact, com_newsfeeds and com_tags.
Joomla! CMS versions 1.6.0 - 3.9.24
Upgrade to version 3.9.25
The JSST at the Joomla! Security Centre.
Lack of escaping of image-related parameters in multiple com_tags views cause lead to XSS attack vectors.
Joomla! CMS versions 3.1.0 - 3.9.23
Upgrade to version 3.9.24
The JSST at the Joomla! Security Centre.
Lack of escaping in mod_breadcrumbs aria-label attribute allows XSS attacks.
Joomla! CMS versions 3.9.0 - 3.9.23
Upgrade to version 3.9.24
The JSST at the Joomla! Security Centre.
Lack of ACL checks in the orderPosition endpoint of com_modules leak names of unpublished and/or inaccessible modules.
Joomla! CMS versions 3.0.0 - 3.9.23
Upgrade to version 3.9.24
The JSST at the Joomla! Security Centre.
Lack of input validation while handling ACL rulesets can cause write ACL violations.
Joomla! CMS versions 1.7.0 - 3.9.22
Upgrade to version 3.9.23
The JSST at the Joomla! Security Centre.
A missing token check in the emailexport feature of com_privacy causes a CSRF vulnerability.
Joomla! CMS versions 3.9.0 - 3.9.22
Upgrade to version 3.9.23
The JSST at the Joomla! Security Centre.
Improper handling of the username leads to a user enumeration attack vector in the backend login page.
Joomla! CMS versions 3.9.0 - 3.9.22
Upgrade to version 3.9.23
The JSST at the Joomla! Security Centre.
Improper filter blacklist configuration leads to a SQL injection vulnerability in the backend user list.
Joomla! CMS versions 3.0.0 - 3.9.22
Upgrade to version 3.9.23
The JSST at the Joomla! Security Centre.
The folder parameter of mod_random_image lacked input validation, leading to a path traversal vulnerability.
Joomla! CMS versions 2.5.0 - 3.9.22
Upgrade to version 3.9.23
The JSST at the Joomla! Security Centre.
The globlal configuration page does not remove secrets from the HTML output, disclosing the current values.
Joomla! CMS versions 2.5.0 - 3.9.22
Upgrade to version 3.9.23
The JSST at the Joomla! Security Centre.
The autosuggestion feature of com_finder did not respect the access level of the corresponding terms.
Joomla! CMS versions 2.5.0 - 3.9.22
Upgrade to version 3.9.23
The JSST at the Joomla! Security Centre.
Lack of input validation in com_content leads to an open redirect.
Joomla! CMS versions 3.0.0 - 3.9.20
Upgrade to version 3.9.21
The JSST at the Joomla! Security Centre.
Lack of input validation allows com_media root paths outside of the webroot.
Joomla! CMS versions 2.5.0 - 3.9.20
Upgrade to version 3.9.21
The JSST at the Joomla! Security Centre.
Lack of escaping in mod_latestactions allows XSS attacks.
Joomla! CMS versions 3.9.0 - 3.9.20
Upgrade to version 3.9.21
The JSST at the Joomla! Security Centre.
Inadequate filtering in the system information screen could expose redis or proxy credentials
Joomla! CMS versions 3.0.0 - 3.9.19
Upgrade to version 3.9.20
The JSST at the Joomla! Security Centre.
Lack of input filtering and escaping allows XSS attacks in mod_random_image
Joomla! CMS versions 3.0.0 - 3.9.19
Upgrade to version 3.9.20
The JSST at the Joomla! Security Centre.
Internal read-only fields in the User table class could be modified by users.
Joomla! CMS versions 3.9.0 - 3.9.19
Upgrade to version 3.9.20
The JSST at the Joomla! Security Centre.
A missing token check in the remove request section of com_privacy causes a CSRF vulnerability.
Joomla! CMS versions 3.9.0 - 3.9.19
Upgrade to version 3.9.20
The JSST at the Joomla! Security Centre.
Missing validation checks at the usergroups table object can result into an broken site configuration.
Joomla! CMS versions 2.5.0 - 3.9.19
Upgrade to version 3.9.20
The JSST at the Joomla! Security Centre.
A missing token check in the ajax_install endpoint com_installer causes a CSRF vulnerability.
Joomla! CMS versions 3.7.0 - 3.9.19
Upgrade to version 3.9.20
The JSST at the Joomla! Security Centre.
Missing token checks in com_postinstall cause CSRF vulnerabilities.
Joomla! CMS versions 3.7.0 - 3.9.18
Upgrade to version 3.9.19
The JSST at the Joomla! Security Centre.
The jQuery project released version 3.5.0, and as part of that, disclosed two security vulnerabilities that affect all prior versions. As mentioned in the jQuery blog, both are "[...] security issues in jQuery’s DOM manipulation methods, as in .html(), .append(), and the others."
The Drupal project has backported the relevant fixes back to jQuery 1.x and Joomla has adopted that patch.
Joomla! CMS versions 3.0.0 - 3.9.18
Upgrade to version 3.9.19
The JSST at the Joomla! Security Centre.
Incorrect input validation of the module tag option in com_modules allow XSS attacks.
Joomla! CMS versions 3.0.0 - 3.9.18
Upgrade to version 3.9.19
The JSST at the Joomla! Security Centre.