This feed provides announcements of resolved security issues in Joomla! software releases.

For more information about the Joomla! Security Strike Team (JSST) and its processes, please review our Security article.

To report potential security issues, please follow the guidelines in the above referenced article. Please note that we are only able to provide support for the Joomla! CMS, Joomla! Framework, and *.joomla.org network of websites.

You can subscribe to notifications from this feed through an RSS reader or email notifications via FeedBurner.

  • Project: Joomla!
  • SubProject: CMS
  • Impact: Moderate
  • Severity: Low
  • Versions: 3.0.0 - 3.9.27
  • Exploit type: XSS
  • Reported Date: 2021-06-22
  • Fixed Date: 2021-07-06
  • CVE Number: CVE-2021-26039

Description

Inadequate escaping in the imagelist view of com_media leads to an XSS vulnerability.

Affected Installs

Joomla! CMS versions 3.0.0 - 3.9.27

Solution

Upgrade to version 3.9.28

Contact

The JSST at the Joomla! Security Centre.

Reported By: Hagai Wechsler / WhiteSourceSoftware

  • Project: Joomla!
  • SubProject: CMS
  • Impact: High
  • Severity: Low
  • Versions: 2.5.0 - 3.9.27
  • Exploit type: Incorrect Access Control
  • Reported Date: 2021-06-06
  • Fixed Date: 2021-07-06
  • CVE Number: CVE-2021-26038

Description

The install action in com_installer lacked the required hardcoded ACL check for super users, leading to various potential attack vectors. A default installation is not affected, because by default access to com_installer is already limited to super users.

Affected Installs

Joomla! CMS versions 2.5.0 - 3.9.27

Solution

Upgrade to version 3.9.28

Contact

The JSST at the Joomla! Security Centre.

Reported By: Nicholas Dionysopoulos

  • Project: Joomla!
  • SubProject: CMS
  • Impact: Moderate
  • Severity: Low
  • Versions: 2.5.0 - 3.9.27
  • Exploit type: Incorrect Session Handling
  • Reported Date: 2019-02-08
  • Fixed Date: 2021-07-06
  • CVE Number: CVE-2021-26037

Description

Various CMS functions did not properly terminate a user's existing sessions when the user's password was changed or the user was blocked.
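What "terminating existing sessions" means in practice for a Joomla 3 site is shown below. This is an added example, not the code Joomla shipped in 3.9.28: it assumes the default database session handler, which keeps one row per session in the #__session table (columns session_id, userid, client_id), and the function name destroyOtherSessions is hypothetical.

```php
<?php
// Added example (not Joomla's own code): drop every other DB-backed session of a
// user once their password changes or the account is blocked, so a session that
// was already stolen or left open elsewhere does not survive the change.
// Assumes Joomla 3.x with the database session handler (#__session table) and PHP 7.
defined('_JEXEC') or die;

use Joomla\CMS\Factory;

/**
 * Delete all rows in #__session for $userId, optionally keeping the session
 * that performs the change (a user changing their own password stays logged in).
 * Returns the number of sessions removed.
 */
function destroyOtherSessions(int $userId, bool $keepCurrent = true): int
{
    $db    = Factory::getDbo();
    $query = $db->getQuery(true)
        ->delete($db->quoteName('#__session'))
        ->where($db->quoteName('userid') . ' = ' . (int) $userId);

    if ($keepCurrent) {
        $currentId = Factory::getSession()->getId();
        $query->where($db->quoteName('session_id') . ' != ' . $db->quote($currentId));
    }

    $db->setQuery($query)->execute();

    return (int) $db->getAffectedRows();
}

// Hypothetical call sites. A blocked account should keep no session at all,
// so the second form passes $keepCurrent = false.
// destroyOtherSessions($user->id, true);   // after the user changed their own password
// destroyOtherSessions($user->id, false);  // after an administrator blocked the account
```

The check that matters for this advisory is not whether the password hash changed, but whether every session that authenticated with the old password has been invalidated; with the database handler that is a single DELETE, and the same invalidation is needed on block so that a blocked user is logged out immediately rather than at session expiry.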

Affected Installs

Joomla! CMS versions 2.5.0 - 3.9.27

Solution

Upgrade to version 3.9.28

Contact

The JSST at the Joomla! Security Centre.

Reported By: Carsten Schmitz, Atik Islam, Dennis Hermatski, Muhammad Hussain, th3lawbreaker, Hoang Kien

  • Project: Joomla!
  • SubProject: CMS
  • Impact: Low
  • Severity: Low
  • Versions: 2.5.0 - 3.9.27
  • Exploit type: DoS
  • Reported Date: 2021-06-08
  • Fixed Date: 2021-07-06
  • CVE Number: CVE-2021-26036

Description

Missing input validation could corrupt the usergroups table, resulting in a denial of service.

Affected Installs

Joomla! CMS versions 2.5.0 - 3.9.27

Solution

Upgrade to version 3.9.28

Contact

The JSST at the Joomla! Security Centre.

Reported By: Hoang Kien from VSEC

  • Project: Joomla!
  • SubProject: CMS
  • Impact: Low
  • Severity: Low
  • Versions: 3.0.0 - 3.9.27
  • Exploit type: XSS
  • Reported Date: 2021-05-29
  • Fixed Date: 2021-07-06
  • CVE Number: CVE-2021-26035

Description

Inadequate escaping in the Rules field of the JForm API leads to an XSS vulnerability.

Affected Installs

Joomla! CMS versions 3.0.0 - 3.9.27

Solution

Upgrade to version 3.9.28

Contact

The JSST at the Joomla! Security Centre.

Reported By: Hoang Nguyen

  • Project: Joomla!
  • SubProject: CMS
  • Impact: Low
  • Severity: Low
  • Versions: 3.0.0 - 3.9.26
  • Exploit type: CSRF
  • Reported Date: 2021-05-07
  • Fixed Date: 2021-05-25
  • CVE Number: CVE-2021-26034

Description

A missing token check causes a CSRF vulnerability in data download endpoints in com_banners and com_sysinfo.

Affected Installs

Joomla! CMS versions 3.0.0 - 3.9.26

Solution

Upgrade to version 3.9.27

Contact

The JSST at the Joomla! Security Centre.

Reported By: Phil Taylor

  • Project: Joomla!
  • SubProject: CMS
  • Impact: Low
  • Severity: Low
  • Versions: 3.0.0 - 3.9.26
  • Exploit type: CSRF
  • Reported Date: 2021-05-07
  • Fixed Date: 2021-05-25
  • CVE Number: CVE-2021-26033

Description

A missing token check causes a CSRF vulnerability in the AJAX reordering endpoint.
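The two CSRF advisories above (CVE-2021-26034, CVE-2021-26033) and the com_installer ACL advisory (CVE-2021-26038) are the same class of defect: a controller task that performs its action without first checking the request. The following is an added example, not Joomla's own controller code, showing the guard order a Joomla 3 admin controller task should have. The component com_example, the task name export and the helper doExport are hypothetical.

```php
<?php
// Added example (not Joomla's code): a Joomla 3.9 admin controller task with and
// without the two guards the advisories above describe. com_example, export and
// doExport are made up for illustration.
defined('_JEXEC') or die;

use Joomla\CMS\Factory;
use Joomla\CMS\Language\Text;
use Joomla\CMS\MVC\Controller\BaseController;
use Joomla\CMS\Session\Session;

class ExampleController extends BaseController
{
    /**
     * Vulnerable pattern: reachable with a plain GET, no token, no permission
     * check. A logged-in administrator lured to
     * index.php?option=com_example&task=exportUnsafe performs the action (CSRF),
     * and anyone whose access to the component was relaxed may call it (ACL).
     */
    public function exportUnsafe()
    {
        $this->doExport();
    }

    /**
     * Hardened pattern: token first, then the permission this task needs.
     */
    public function export()
    {
        // CSRF: 'get' accepts the session token as a query parameter, which is
        // what a download link needs; the default 'post' checks POST data.
        Session::checkToken('get') or jexit(Text::_('JINVALID_TOKEN'));

        // ACL: do not rely only on the component-level access option an
        // administrator may have changed; hardcode the permission the task
        // requires. core.admin is the permission super users hold.
        if (!Factory::getUser()->authorise('core.admin', 'com_example')) {
            throw new \Exception(Text::_('JERROR_ALERTNOAUTHOR'), 403);
        }

        $this->doExport();
    }

    private function doExport()
    {
        // ... build and stream the data file ...
    }
}

// The link that triggers the task must then carry the token, e.g. in a view template:
//   $url = 'index.php?option=com_example&task=export&' . Session::getFormToken() . '=1';
```

Checking the token before the ACL is deliberate: a forged request fails at the cheapest check, and an attacker cannot use the ACL error to probe which tasks exist. The com_installer case differs only in which permission is hardcoded; the default configuration restricts the whole component to super users, which is why a stock site is not exposed, but a component-level restriction an administrator can edit is not a substitute for the check inside the task.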

Affected Installs

Joomla! CMS versions 3.0.0 - 3.9.26

Solution

Upgrade to version 3.9.27

Contact

The JSST at the Joomla! Security Centre.

Reported By: Phil Taylor

  • Project: Joomla!
  • SubProject: CMS
  • Impact: Low
  • Severity: Low
  • Versions: 3.0.0 - 3.9.26
  • Exploit type: XSS
  • Reported Date: 2021-03-05
  • Fixed Date: 2021-05-25
  • CVE Number: CVE-2021-26032

Description

HTML files were missing from the executable block list in MediaHelper::canUpload, so they could be uploaded through the media manager and served from the site's origin, providing XSS attack vectors.
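The check the advisory refers to is an upload filename filter. The following is an added, self-contained example rather than Joomla's MediaHelper::canUpload; the extension lists are illustrative and are not Joomla's configured defaults, and the function name isUploadNameAllowed is hypothetical.

```php
<?php
// Added example (not Joomla's MediaHelper code): decide whether an uploaded
// file name may be accepted, checking every extension segment against a block
// list and only the final extension against an allow list.
function isUploadNameAllowed(string $filename, array $allowedExts, array $blockedExts): bool
{
    $name  = strtolower(basename($filename));
    $parts = explode('.', $name);
    array_shift($parts); // drop the base name; what remains are all extension segments

    if (count($parts) === 0) {
        return false; // no extension at all: nothing to allow-list against
    }

    // Every segment, not just the last, must stay off the block list, so that
    // "shell.php.jpg" or "page.html.png" cannot slip through a server that
    // picks a handler from an inner extension.
    foreach ($parts as $ext) {
        if (in_array($ext, $blockedExts, true)) {
            return false;
        }
    }

    // The real (last) extension must be explicitly allowed.
    return in_array(end($parts), $allowedExts, true);
}

// Illustrative lists (constructed for this example). Browser-rendered types such
// as html, htm, xhtml and svg belong on the block list next to server-executed
// ones: a file the browser renders in the site's origin is a stored XSS vector
// even though the server never executes it.
$allowed = ['jpg', 'jpeg', 'png', 'gif', 'pdf'];
$blocked = ['php', 'phtml', 'php3', 'phar', 'html', 'htm', 'xhtml', 'svg'];

isUploadNameAllowed('photo.jpg', $allowed, $blocked);
isUploadNameAllowed('page.html', $allowed, $blocked);
isUploadNameAllowed('page.html.jpg', $allowed, $blocked);
```

Of the three calls only photo.jpg passes: page.html is blocked outright, and page.html.jpg is rejected because the block list is applied to every segment, not only the last one. The point of the advisory is the first list, not the logic: a block list that names only server-side executables leaves HTML (and anything else a browser will render inline) uploadable by any user with media access.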

Affected Installs

Joomla! CMS versions 3.0.0 - 3.9.26

Solution

Upgrade to version 3.9.27

Contact

The JSST at the Joomla! Security Centre.

Reported By: Adrian Tiron, Fortbridge

  • Project: Joomla!
  • SubProject: CMS
  • Impact: Low
  • Severity: Low
  • Versions: 3.0.0 - 3.9.25
  • Exploit type: LFI
  • Reported Date: 2021-01-03
  • Fixed Date: 2021-04-13
  • CVE Number: CVE-2021-26031

Description

Inadequate filters on module layout settings could lead to an LFI.
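A module layout setting ends up as part of a file path, so the filter on it has to be an allowlist of what a layout name may look like. The example below is added here and is not Joomla's JModuleHelper code; it relies only on the documented layout naming (a bare name such as default or a template-prefixed name such as mytemplate:custom), and the function resolveModuleLayout and the directory argument are hypothetical.

```php
<?php
// Added example (not Joomla's code): validate a module "layout" parameter before
// it is turned into an include path. Function name and directory layout are
// hypothetical; only the "name" / "template:name" form of layout values is taken
// from Joomla's documented convention.
function resolveModuleLayout(string $moduleDir, string $layout): string
{
    // Allowlist: one or two identifier-like segments joined by a single colon.
    // Slashes, backslashes, dots and NUL bytes never match, so "../" style
    // traversal is rejected before any path is built.
    if (!preg_match('/^[A-Za-z0-9_-]+(?::[A-Za-z0-9_-]+)?$/', $layout)) {
        throw new InvalidArgumentException('Invalid layout name');
    }

    // Simplified lookup: strip a "template:" prefix and look in the module's tmpl dir.
    $name = strpos($layout, ':') !== false ? explode(':', $layout, 2)[1] : $layout;
    $path = $moduleDir . '/tmpl/' . $name . '.php';

    // Second line of defence: the resolved file must exist under $moduleDir.
    $real = realpath($path);
    $base = realpath($moduleDir);
    if ($real === false || $base === false || strpos($real, $base . DIRECTORY_SEPARATOR) !== 0) {
        throw new RuntimeException('Layout file not found inside module directory');
    }

    return $real;
}
```

A value such as ../../configuration fails the regular expression before any filesystem access, and a name that passes the regex but points at a missing file fails the realpath check; the include only ever runs on a path that was proven to lie under the module directory. Applying the filter at the settings form is not enough on its own, because module parameters are stored in the database and can be written by any code path that edits modules.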

Affected Installs

Joomla! CMS versions 3.0.0 - 3.9.25

Solution

Upgrade to version 3.9.26

Contact

The JSST at the Joomla! Security Centre.

Reported By: Lee Thao from Viettel Cyber Security

  • Project: Joomla!
  • SubProject: CMS
  • Impact: Low
  • Severity: Low
  • Versions: 3.0.0 - 3.9.25
  • Exploit type: XSS
  • Reported Date: 2021-03-09
  • Fixed Date: 2021-04-13
  • CVE Number: CVE-2021-26030

Description

Inadequate escaping allowed XSS attacks using the logo parameter of the default templates on error pages.
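Four advisories on this page (the com_media imagelist view, the JForm Rules field, MediaHelper uploads aside, and the template logo parameter on error pages) come down to a value being printed into markup without escaping for the context it lands in. The following is an added example, not code from any Joomla template or layout, showing the three contexts a layout file commonly hits; the $logo value is constructed attacker input and the surrounding markup is illustrative.

```php
<?php
// Added example (not Joomla's code): escaping one admin- or user-controlled value
// for the HTML, URL and JavaScript contexts a layout file may print it into.
// $logo is constructed input standing in for a template "logo" parameter.
defined('_JEXEC') or die;

use Joomla\CMS\Factory;

// Constructed attacker-controlled value: closes the src attribute and adds a handler.
$logo = 'site.png" onerror="alert(document.cookie)';

// Vulnerable: raw concatenation into an attribute. The embedded quote ends the
// attribute and the rest becomes an event handler.
//   echo '<img src="' . $logo . '">';

// HTML text and attribute context: entity-encode, including both quote characters.
$logoEsc = htmlspecialchars($logo, ENT_QUOTES, 'UTF-8');
echo '<img src="' . $logoEsc . '" alt="">';

// URL context: the same value used as a path component is percent-encoded first,
// then entity-encoded because the URL sits inside an HTML attribute.
$href = 'images/' . rawurlencode($logo);
echo '<a href="' . htmlspecialchars($href, ENT_QUOTES, 'UTF-8') . '">logo</a>';

// JavaScript context: never concatenate into a script block. json_encode with the
// HEX flags produces a JS string literal in which quotes, angle brackets and
// ampersands are \u-escaped, so "</script>" cannot terminate the block.
$js = 'var logo = ' . json_encode($logo, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT) . ';';
Factory::getDocument()->addScriptDeclaration($js);
```

The practical check when reviewing a layout: for every echo of a value the view did not itself compute, name the context (text, attribute, URL, script) and confirm the encoder matches it. A value escaped for HTML and then pasted into a script block, or URL-encoded but not entity-encoded inside an attribute, is still a bypass.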

Affected Installs

Joomla! CMS versions 3.0.0 - 3.9.25

Solution

Upgrade to version 3.9.26

Contact

The JSST at the Joomla! Security Centre.

Reported By: Hoang Nguyen