This feed provides announcements of resolved security issues in Joomla! software releases.

For more information about the Joomla! Security Strike Team (JSST) and its processes, please review our Security article.

To report potential security issues, please follow the guidelines in the above referenced article. Please note that we are only able to provide support for the Joomla! CMS, Joomla! Framework, and *.joomla.org network of websites.

You can subscribe to notifications from this feed through a RSS reader or email notifications via FeedBurner.

  • Project: Joomla!
  • SubProject: CMS
  • Impact: Low
  • Severity: Low
  • Versions: 2.5.0-3.9.20
  • Exploit type: Directory Traversal
  • Reported Date: 2020-February-02
  • Fixed Date: 2020-August-25
  • CVE Number: CVE-2020-24597

Description

Lack of input validation allows com_media root paths outside of the webroot.

Affected Installs

Joomla! CMS versions 2.5.0 - 3.9.20

Solution

Upgrade to version 3.9.21

Contact

The JSST at the Joomla! Security Centre.

Reported By: Hoang Kien from VSEC
  • Project: Joomla!
  • SubProject: CMS
  • Impact: Moderate
  • Severity: Low
  • Versions: 3.9.0-3.9.20
  • Exploit type: XSS
  • Reported Date: 2020-August-21
  • Fixed Date: 2020-August-25
  • CVE Number: CVE-2020-24599

Description

Lack of escaping in mod_latestactions allows XSS attacks.

Affected Installs

Joomla! CMS versions 3.9.0 - 3.9.20

Solution

Upgrade to version 3.9.21

Contact

The JSST at the Joomla! Security Centre.

Reported By: Peter Martin
  • Project: Joomla!
  • SubProject: CMS
  • Impact: Low
  • Severity: Low
  • Versions: 3.0.0-3.9.19
  • Exploit type: Information Disclosure
  • Reported Date: 2020-Jun-17
  • Fixed Date: 2020-July-14
  • CVE Number: CVE-2020-15698

Description

Inadequate filtering in the system information screen could expose redis or proxy credentials

Affected Installs

Joomla! CMS versions 3.0.0 - 3.9.19

Solution

Upgrade to version 3.9.20

Contact

The JSST at the Joomla! Security Centre.

Reported By: Phil Taylor
  • Project: Joomla!
  • SubProject: CMS
  • Impact: Low
  • Severity: Low
  • Versions: 3.0.0-3.9.19
  • Exploit type: XSS
  • Reported Date: 2020-Jun-08
  • Fixed Date: 2020-July-14
  • CVE Number: CVE-2020-15696

Description

Lack of input filtering and escaping allows XSS attacks in mod_random_image

Affected Installs

Joomla! CMS versions 3.0.0 - 3.9.19

Solution

Upgrade to version 3.9.20

Contact

The JSST at the Joomla! Security Centre.

Reported By: Phil Taylor
  • Project: Joomla!
  • SubProject: CMS
  • Impact: Low
  • Severity: Low
  • Versions: 3.0.0-3.9.19
  • Exploit type: Incorrect Access Control
  • Reported Date: 2020-Jun-02
  • Fixed Date: 2020-July-14
  • CVE Number: CVE-2020-15697

Description

Internal read-only fields in the User table class could be modified by users.

Affected Installs

Joomla! CMS versions 3.9.0 - 3.9.19

Solution

Upgrade to version 3.9.20

Contact

The JSST at the Joomla! Security Centre.

Reported By: Phil Taylor
  • Project: Joomla!
  • SubProject: CMS
  • Impact: Low
  • Severity: Low
  • Versions: 3.9.0-3.9.19
  • Exploit type: CSRF
  • Reported Date: 2020-May-07
  • Fixed Date: 2020-July-14
  • CVE Number: CVE-2020-15695

Description

A missing token check in the remove request section of com_privacy causes a CSRF vulnerability.

Affected Installs

Joomla! CMS versions 3.9.0 - 3.9.19

Solution

Upgrade to version 3.9.20

Contact

The JSST at the Joomla! Security Centre.

Reported By: Bui Duc Anh Khoa from Viettel Cyber Security
  • Project: Joomla!
  • SubProject: CMS
  • Impact: Moderate
  • Severity: Low
  • Versions: 2.5.0-3.9.19
  • Exploit type: Incorrect Access Control
  • Reported Date: 2020-April-04
  • Fixed Date: 2020-July-14
  • CVE Number: CVE-2020-15699

Description

Missing validation checks at the usergroups table object can result into an broken site configuration.

Affected Installs

Joomla! CMS versions 2.5.0 - 3.9.19

Solution

Upgrade to version 3.9.20

Contact

The JSST at the Joomla! Security Centre.

Reported By: Hoang Kien from VSEC
  • Project: Joomla!
  • SubProject: CMS
  • Impact: Low
  • Severity: Low
  • Versions: 3.7.0-3.9.19
  • Exploit type: CSRF
  • Reported Date: 2020-May-07
  • Fixed Date: 2020-July-14
  • CVE Number: CVE-2020-XXXXX

Description

A missing token check in the ajax_install endpoint com_installer causes a CSRF vulnerability.

Affected Installs

Joomla! CMS versions 3.7.0 - 3.9.19

Solution

Upgrade to version 3.9.20

Contact

The JSST at the Joomla! Security Centre.

Reported By: Bui Duc Anh Khoa from Viettel Cyber Security
  • Project: Joomla!
  • SubProject: CMS
  • Impact: Low
  • Severity: Low
  • Versions: 3.7.0-3.9.18
  • Exploit type: CSRF
  • Reported Date: 2020-May-08
  • Fixed Date: 2020-June-02
  • CVE Number: CVE-2020-13760

Description

Missing token checks in com_postinstall cause CSRF vulnerabilities.

Affected Installs

Joomla! CMS versions 3.7.0 - 3.9.18

Solution

Upgrade to version 3.9.19

Contact

The JSST at the Joomla! Security Centre.

Reported By: Bui Duc Anh Khoa from Viettel Cyber Security
  • Project: Joomla!
  • SubProject: CMS
  • Impact: Low
  • Severity: Moderate
  • Versions: 3.0.0-3.9.18
  • Exploit type: XSS
  • Reported Date: 2020-April-10
  • Fixed Date: 2020-June-02
  • CVE Number: CVE-2020-11022 and CVE-2020-11023

Description

The jQuery project released version 3.5.0, and as part of that, disclosed two security vulnerabilities that affect all prior versions. As mentioned in the jQuery blog, both are "[...] security issues in jQuery’s DOM manipulation methods, as in .html(), .append(), and the others."

The Drupal project has backported the relevant fixes back to jQuery 1.x and Joomla has adopted that patch.

Affected Installs

Joomla! CMS versions 3.0.0 - 3.9.18

Solution

Upgrade to version 3.9.19

Contact

The JSST at the Joomla! Security Centre.

Reported By: David Jardin, JSST