Joomla XSS Bugs Open Millions of Websites to RCE

10 months ago 45
News Banner

Looking for an Interim or Fractional CTO to support your business?

Read more

workspace with computer and smartphone, joomla logo on screen.

Source: Jorge Pérez via Alamy Stock Photo

The Joomla open source content management system (CMS) is vulnerable to multiple cross-site scripting (XSS) security vulnerabilities that could allow remote code execution (RCE).

Sonar's Vulnerability Research Team discovered that one fundamental flaw, tracked as CVE-2024-21726, is at the heart of the issues. It affects Joomla's core filter component.

"Inadequate content filtering leads to XSS vulnerabilities in various components," according to Joomla's advisory, which called the bug "moderate" but did not include a CVSS vulnerability-severity score.

Cyberattackers can exploit XSS bugs to inject malicious scripts into benign and trusted websites, which can in turn steal visitor information, perform malicious redirects, or infect users with malware. In this case, assailants can trigger the issues by convincing an administrator to click on a malicious link.

Joomla powers around 2% of all websites, with most deployments publicly accessible — making it an ongoing target for threat actors. The issue is patched in Joomla versions 5.0.3/4.4.3, released today, so users should update ASAP to avoid falling prey to attackers.

Read Entire Article