Five vulnerabilities have been found in the Joomla content management system that could be leveraged to execute arbitrary code on vulnerable websites.
The vendor has addressed the security issues, which impact multiple versions of Joomla, and fixes are present in versions 5.0.3 and 4.4.3 of the CMS.
- CVE-2024-21722: The MFA management features did not properly terminate existing user sessions when a user’s MFA methods have been modified.
- CVE-2024-21723: Insufficient parsing of URLs could result in an open redirect.
- CVE-2024-21724: Insufficient input validation for media selection fields leads to cross-site scripting (XSS) vulnerabilities in various extensions.
- CVE-2024-21725: Insufficient escaping of mail addresses leads to XSS vulnerabilities in various components.
- CVE-2024-21726: Insufficient content filtering within the filter code leads to multiple XSS vulnerabilities.
Joomla’s advisory notes that CVE-2024-21725 is the vulnerability with the highest severity risk and has a high exploitation probability.
Remote code execution risk
Another issue, an XSS tracked as CVE-2024-21726, impacts Joomla’s core filter component. It has a moderate severity and exploitation probability, but Stefan Schiller, a vulnerability researcher at code inspection tools provider Sonar, warns that it could be leveraged to achieve remote code execution.
“Attackers can leverage the issue to achieve remote code execution by tricking an administrator into clicking on a malicious link,” said Schiller.
XSS flaws can allow attackers to inject malicious scripts into content served to other users, typically enabling the execution of unsafe code through the victim’s browser.
Exploiting the issue requires user interaction. An attacker would need to trick a user with administrator privileges into clicking on a malicious link.
Although the user interaction lowers the severity of the vulnerability, attackers are clever enough to come up with proper lures. Alternatively, they can launch so-called “spray-and-pray” attacks, where a larger audience is exposed to the malicious links in the hope that some users will click them.
Sonar did not share any technical details about the flaw and how it can be exploited, to allow a larger number of Joomla admins to apply the available security updates.
“While we won’t be disclosing technical details right now, we wish to emphasize the importance of prompt action to mitigate this risk,” Schiller says in the alert, stressing that all Joomla users should update to the latest version.