Security Announcements
This feed provides announcements of resolved security issues in Joomla! software releases.
For more information about the Joomla! Security Strike Team (JSST) and its processes, please review our Security article.
To report potential security issues, please follow the guidelines in the above referenced article. Please note that we are only able to provide support for the Joomla! CMS, Joomla! Framework, and *.joomla.org network of websites.
You can subscribe to notifications from this feed through a RSS reader.
[20201103] - Core - Path traversal in mod_random_image
- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions: 2.5.0-3.9.22
- Exploit type: Path traversal
- Reported Date: 2020-10-06
- Fixed Date: 2020-11-24
- CVE Number: CVE-2020-35612
Description
The folder parameter of mod_random_image lacked input validation, leading to a path traversal vulnerability.
Affected Installs
Joomla! CMS versions 2.5.0 - 3.9.22
Solution
Upgrade to version 3.9.23
Contact
The JSST at the Joomla! Security Centre.
[20201102] - Core - Disclosure of secrets in Global Configuration page
- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions: 2.5.0-3.9.22
- Exploit type: Information Disclosure
- Reported Date: 2020-09-23
- Fixed Date: 2020-11-24
- CVE Number: CVE-2020-35611
Description
The globlal configuration page does not remove secrets from the HTML output, disclosing the current values.
Affected Installs
Joomla! CMS versions 2.5.0 - 3.9.22
Solution
Upgrade to version 3.9.23
Contact
The JSST at the Joomla! Security Centre.
[20201101] - Core - com_finder ignores access levels on autosuggest
- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions: 2.5.0-3.9.22
- Exploit type: Information Disclosure
- Reported Date: 2020-06-21
- Fixed Date: 2020-11-24
- CVE Number: CVE-2020-35610
Description
The autosuggestion feature of com_finder did not respect the access level of the corresponding terms.
Affected Installs
Joomla! CMS versions 2.5.0 - 3.9.22
Solution
Upgrade to version 3.9.23
Contact
The JSST at the Joomla! Security Centre.
[20200802] - Core - Open redirect in com_content vote feature
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 3.0.0-3.9.20
- Exploit type: Open Redirect
- Reported Date: 2020-July-05
- Fixed Date: 2020-August-25
- CVE Number: CVE-2020-24598
Description
Lack of input validation in com_content leads to an open redirect.
Affected Installs
Joomla! CMS versions 3.0.0 - 3.9.20
Solution
Upgrade to version 3.9.21
Contact
The JSST at the Joomla! Security Centre.
[20200803] - Core - Directory traversal in com_media
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 2.5.0-3.9.20
- Exploit type: Directory Traversal
- Reported Date: 2020-February-02
- Fixed Date: 2020-August-25
- CVE Number: CVE-2020-24597
Description
Lack of input validation allows com_media root paths outside of the webroot.
Affected Installs
Joomla! CMS versions 2.5.0 - 3.9.20
Solution
Upgrade to version 3.9.21
Contact
The JSST at the Joomla! Security Centre.
[20200801] - Core - XSS in mod_latestactions
- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions: 3.9.0-3.9.20
- Exploit type: XSS
- Reported Date: 2020-August-21
- Fixed Date: 2020-August-25
- CVE Number: CVE-2020-24599
Description
Lack of escaping in mod_latestactions allows XSS attacks.
Affected Installs
Joomla! CMS versions 3.9.0 - 3.9.20
Solution
Upgrade to version 3.9.21
Contact
The JSST at the Joomla! Security Centre.
[20200706] - Core - System Information screen could expose redis or proxy credentials
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 3.0.0-3.9.19
- Exploit type: Information Disclosure
- Reported Date: 2020-Jun-17
- Fixed Date: 2020-July-14
- CVE Number: CVE-2020-15698
Description
Inadequate filtering in the system information screen could expose redis or proxy credentials
Affected Installs
Joomla! CMS versions 3.0.0 - 3.9.19
Solution
Upgrade to version 3.9.20
Contact
The JSST at the Joomla! Security Centre.
[20200705] - Core - Escape mod_random_image link
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 3.0.0-3.9.19
- Exploit type: XSS
- Reported Date: 2020-Jun-08
- Fixed Date: 2020-July-14
- CVE Number: CVE-2020-15696
Description
Lack of input filtering and escaping allows XSS attacks in mod_random_image
Affected Installs
Joomla! CMS versions 3.0.0 - 3.9.19
Solution
Upgrade to version 3.9.20
Contact
The JSST at the Joomla! Security Centre.
[20200704] - Core - Variable tampering via user table class
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 3.0.0-3.9.19
- Exploit type: Incorrect Access Control
- Reported Date: 2020-Jun-02
- Fixed Date: 2020-July-14
- CVE Number: CVE-2020-15697
Description
Internal read-only fields in the User table class could be modified by users.
Affected Installs
Joomla! CMS versions 3.9.0 - 3.9.19
Solution
Upgrade to version 3.9.20
Contact
The JSST at the Joomla! Security Centre.
[20200703] - Core - CSRF in com_privacy remove-request feature
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 3.9.0-3.9.19
- Exploit type: CSRF
- Reported Date: 2020-May-07
- Fixed Date: 2020-July-14
- CVE Number: CVE-2020-15695
Description
A missing token check in the remove request section of com_privacy causes a CSRF vulnerability.
Affected Installs
Joomla! CMS versions 3.9.0 - 3.9.19
Solution
Upgrade to version 3.9.20
Contact
The JSST at the Joomla! Security Centre.