Joomla Releases Critical Update to Combat XSS Vulnerabilities


Joomla, a popular open-source content management system, has received an update that addresses critical cross-site scripting (XSS) vulnerabilities. The update, released on Tuesday by the project's developers, aims to bolster the security of the CMS, which powers approximately 2% of websites worldwide, as reported by W3Techs. The flaws could put millions of websites at risk by allowing attackers to achieve remote code execution.

The vulnerabilities, identified by researchers at SonarSource, stem from ineffective content filtering in Joomla's filtering mechanisms. Specifically, the vulnerability cataloged as CVE-2024-21726 could enable an attacker to deceive an administrator into clicking a malicious link, leading to remote code execution.

The developers have withheld the specifics of the vulnerabilities to prevent exploitation, urging Joomla administrators to promptly upgrade to the newest version for protection. Among the notable entities relying on Joomla are the Croatian newspapers Jutarnji List and Slobodna Dalmacija, as well as the official site for India's national identity authority.

Joomla's security measures center on its core filter component, which is designed to scrutinize and sanitize user input. By validating and cleansing incoming data, this component is pivotal in defending the system against XSS attacks and other malicious entries.

With the release of Joomla version 5.0.3, the development team promises mitigation against the highlighted XSS issues and additional security concerns.

In a conversation with the Information Security Media Group, Stefan Schiller of SonarSource detailed how the exploit works: an attacker creates a harmful link that, when clicked by an administrator, runs a JavaScript payload within the administrator's session. This breach can lead to remote code execution, compromising the Joomla server's security.
