Five vulnerabilities have been found in the Joomla content management system that could be leveraged to execute arbitrary code on vulnerable websites.
The vendor has addressed the security issues, which impact multiple versions of Joomla, and fixes are present in versions 5.0.3 and also 4.4.3 of the CMS.
- CVE-2024-21722: The MFA management features did not properly terminate existing user sessions when a user's MFA methods have been modified.
- CVE-2024-21723: Insufficient parsing of URLs could result in an open redirect.
- CVE-2024-21724: Insufficient input validation for media selection fields leads to cross-site scripting (XSS) vulnerabilities in various extensions.
- CVE-2024-21725: Insufficient escaping of mail addresses leads to XSS vulnerabilities in various components.
- CVE-2024-21726: Insufficient content filtering within the filter code, leading to multiple XSS.
Joomla’s advisory notes that CVE-2024-21725 is the vulnerability with the highest severity risk and has a high exploitation probability.
Remote code execution risk
Another issue, an XSS tracked as CVE-2024-21726, impacts Joomla’s core filter component. It has a moderate severity and exploitation probability, but Stefan Schiller, a vulnerability researcher at code inspection tools provider Sonar, warns that it could be leveraged to achieve remote code execution.
“Attackers can leverage the issue to gain remote code execution by tricking an administrator into clicking on a malicious link,” said Schiller.
XSS flaws can allow attackers to inject malicious scripts into content served to other users, typically enabling the execution of unsafe code through the victim’s browser.
Exploiting the issue requires user interaction. An attacker would need to trick a user with administrator privileges into clicking on a malicious link.
Although the user interaction lowers the severity of the vulnerability, attackers are clever enough to come up with proper lures. Alternatively, they can launch so-called “spray-and-pray” attacks, where a larger audience is exposed to the malicious links with the hope that some users would click them.
Sonar did not share any technical details about the flaw and how it can be exploited, to allow a larger number of Joomla admins to apply the available security updates.
“While we can’t be disclosing technical details at this time, we want to emphasize the importance of prompt action to mitigate this risk,” Schiller says in the alert, stressing that all Joomla users should update to the latest version.