/*====== google reCaptcha ======*/
German Chinese (Traditional) Czech Danish English Filipino French Greek Hebrew Hindi Hungarian Irish Italian Japanese Korean Norwegian Persian Polish Portuguese Russian Spanish Swedish Thai Turkish

Joomla! Security Centre

Geschrieben von Support

Bewertung: 0 / 5

Star InactiveStar InactiveStar InactiveStar InactiveStar Inactive
 

  • [20200101] - Core - CSRF in batch actions

    Security Announcements Jan 28, 2020 | 14:00 pm

    Project: Joomla!SubProject: CMSImpact: ModerateSeverity: LowVersions: 3.0.0-3.9.14Exploit type: CSRFReported Date: 2019-December-23Fixed Date: 2020-January-28CVE Number: CVE-2020-8419DescriptionMissing token checks in the batch actions of various components causes CSRF vulnerabilities.Affected InstallsJoomla! CMS versions 3.0.0 - 3.9.14SolutionUpgrade to version 3.9.15ContactThe JSST at the Joomla! Security[…]

    Read more...

  • [20191201] - Core - Path Disclosure in framework files

    Security Announcements Dec 16, 2019 | 14:00 pm

    Project: Joomla!SubProject: CMSImpact: LowSeverity: LowVersions: 3.8.0 - 3.9.13Exploit type: Path DisclosureReported Date: 2019-November-22Fixed Date: 2019-December-17CVE Number: CVE-2019-19845DescriptionMissing access check in framework files could lead to a path disclosure.Affected InstallsJoomla! CMS versions 3.8.0 - 3.9.13SolutionUpgrade to version 3.9.14ContactThe JSST at the Joomla![…]

    Read more...

  • [20191001] - Core - CSRF in com_template overrides view

    Security Announcements Nov 5, 2019 | 14:00 pm

    Project: Joomla!SubProject: CMSImpact: HighSeverity: LowVersions: 3.2.0-3.9.12Exploit type: CSRFReported Date: 2019-October-10Fixed Date: 2019-November-05CVE Number: CVE-2019-18650DescriptionA missing token check in com_template causes a CSRF vulnerability.Affected InstallsJoomla! CMS versions 3.2.0 - 3.9.12SolutionUpgrade to version 3.9.13ContactThe JSST at the Joomla! Security Centre.Reported By: Lee[…]

    Read more...

  • [20190901] - Core - XSS in logo parameter of default templates

    Security Announcements Sep 24, 2019 | 15:00 pm

    Project: Joomla!SubProject: CMSImpact: ModerateSeverity: LowVersions: 3.0.0-3.9.11Exploit type: XSSReported Date: 2019-August-28Fixed Date: 2019-September-24CVE Number: CVE-2019-16725DescriptionInadequate escaping allowed XSS attacks using the logo parameter of the default templates.Affected InstallsJoomla! CMS versions 3.0.0 - 3.9.11SolutionUpgrade to version 3.9.12ContactThe JSST at the Joomla! Security[…]

    Read more...

  • [20190801] - Core - Hardening com_contact contact form

    Security Announcements Aug 13, 2019 | 15:00 pm

    Project: Joomla!SubProject: CMSImpact: ModerateSeverity: LowVersions: 1.6.2 - 3.9.10Exploit type: Incorrect Access ControlReported Date: 2019-April-09Fixed Date: 2019-August-13CVE Number: CVE-2019-15028DescriptionInadequate checks in com_contact could allowed mail submission in disabled forms.Affected InstallsJoomla! CMS versions 1.6.2 - 3.9.10SolutionUpgrade to version 3.9.11ContactThe JSST at the[…]

    Read more...

  • [20190701] - Core - Filter attribute in subform fields allows remote code execution

    Security Announcements Jul 9, 2019 | 15:00 pm

    Project: Joomla!SubProject: CMSImpact: ModerateSeverity: LowVersions: 3.9.7 - 3.9.8Exploit type: Remote Code ExecutionReported Date: 2019-June-20Fixed Date: 2019-July-09CVE Number: CVE-2019-14654DescriptionInadequate filtering allows users authorised to create custom fields to manipulate the filtering options and inject an unvalidated option.Affected InstallsJoomla! CMS versions 3.9.7[…]

    Read more...

Beitrag teilen

Submit to DeliciousSubmit to DiggSubmit to FacebookSubmit to Google PlusSubmit to StumbleuponSubmit to TechnoratiSubmit to TwitterSubmit to LinkedIn

Empfehlung

Go to top