News Feed Category

Joomla! Security News

    • Project: Joomla!
    • SubProject: CMS
    • Impact: Low
    • Severity: Low
    • Versions: 3.0.0-3.9.19
    • Exploit type: Information Disclosure
    • Reported Date: 2020-Jun-17
    • Fixed Date: 2020-July-14
    • CVE Number: CVE-2020-15698

    Description

    Inadequate filtering in the system information screen could expose redis or proxy credentials

    Affected Installs

    Joomla! CMS versions 3.0.0 - 3.9.19

    Solution

    Upgrade to version 3.9.20

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By: Phil Taylor
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Low
    • Severity: Low
    • Versions: 3.0.0-3.9.19
    • Exploit type: XSS
    • Reported Date: 2020-Jun-08
    • Fixed Date: 2020-July-14
    • CVE Number: CVE-2020-15696

    Description

    Lack of input filtering and escaping allows XSS attacks in mod_random_image

    Affected Installs

    Joomla! CMS versions 3.0.0 - 3.9.19

    Solution

    Upgrade to version 3.9.20

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By: Phil Taylor
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Low
    • Severity: Low
    • Versions: 3.0.0-3.9.19
    • Exploit type: Incorrect Access Control
    • Reported Date: 2020-Jun-02
    • Fixed Date: 2020-July-14
    • CVE Number: CVE-2020-15697

    Description

    Internal read-only fields in the User table class could be modified by users.

    Affected Installs

    Joomla! CMS versions 3.9.0 - 3.9.19

    Solution

    Upgrade to version 3.9.20

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By: Phil Taylor
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Low
    • Severity: Low
    • Versions: 3.9.0-3.9.19
    • Exploit type: CSRF
    • Reported Date: 2020-May-07
    • Fixed Date: 2020-July-14
    • CVE Number: CVE-2020-15695

    Description

    A missing token check in the remove request section of com_privacy causes a CSRF vulnerability.

    Affected Installs

    Joomla! CMS versions 3.9.0 - 3.9.19

    Solution

    Upgrade to version 3.9.20

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:Bui Duc Anh Khoa from Viettel Cyber Security
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Moderate
    • Severity: Low
    • Versions: 2.5.0-3.9.19
    • Exploit type: Incorrect Access Control
    • Reported Date: 2020-April-04
    • Fixed Date: 2020-July-14
    • CVE Number: CVE-2020-15699

    Description

    Missing validation checks at the usergroups table object can result into an broken site configuration.

    Affected Installs

    Joomla! CMS versions 2.5.0 - 3.9.19

    Solution

    Upgrade to version 3.9.20

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:Hoang Kien from VSEC

About ET Gaming

Ball tip biltong pork belly frankfurter shankle jerky leberkas pig kielbasa kay boudin alcatra short loin.

Jowl salami leberkas turkey pork brisket meatball turducken flank bilto porke belly ball tip. pork belly frankf urtane bilto

Get In Touch

Address: 262 Milacina Mrest Street.

Phone: +84 3333 6789.

Tax: +04 3333 6789.

Email: support@yoursiteurl.com

Website: www.yoursiteurl.com

Join Our Community

Sign up to receive email for the latest information.
© 2020 Intensious. All Rights Reserved.

Search