Security Announcements
<!DOCTYPE html> <html lang="en-gb" dir="ltr"> <head> <meta charset="utf-8"> <meta name="twitter:image" content="https://developer.joomla.org/images/security_centre.png"> <meta name="twitter:title" content="Security Centre"> <meta name="twitter:description" content="Feed containing all security announcements from the Joomla! project."> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="apple-mobile-web-app-capable" content="yes"> <meta name="apple-mobile-web-app-status-bar-style" content="blue"> <meta name="twitter:card" content="summary_large_image"> <meta name="twitter:site" content="@joomla"> <meta name="referrer" content="unsafe-url"> <meta property="og:image" content="https://developer.joomla.org/images/security_centre.png"> <meta property="og:image:width" content="869"> <meta property="og:image:height" content="360"> <meta property="og:image:type" content="image/png"> <meta property="og:title" content="Security Centre"> <meta property="og:type" content="article"> <meta property="og:url" content="https://developer.joomla.org/security-centre.html"> <meta property="og:description" content="Feed containing all security announcements from the Joomla! project."> <meta property="og:site_name" content="Joomla! Developer Network™"> <meta name="description" content="Feed containing all security announcements from the Joomla! project."> <meta name="generator" content="Joomla! 
- Open Source Content Management"> <title>Security Announcements</title> <link href="/security-centre.feed?type=rss" rel="alternate" type="application/rss+xml" title="Security Announcements"> <link href="/security-centre.feed?type=atom" rel="alternate" type="application/atom+xml" title="Security Announcements"> <link href="/templates/joomla/images/apple-touch-icon-180x180.png" rel="apple-touch-icon" sizes="180x180"> <link href="/templates/joomla/images/apple-touch-icon-152x152.png" rel="apple-touch-icon" sizes="152x152"> <link href="/templates/joomla/images/apple-touch-icon-144x144.png" rel="apple-touch-icon" sizes="144x144"> <link href="/templates/joomla/images/apple-touch-icon-120x120.png" rel="apple-touch-icon" sizes="120x120"> <link href="/templates/joomla/images/apple-touch-icon-114x114.png" rel="apple-touch-icon" sizes="114x114"> <link href="/templates/joomla/images/apple-touch-icon-76x76.png" rel="apple-touch-icon" sizes="76x76"> <link href="/templates/joomla/images/apple-touch-icon-72x72.png" rel="apple-touch-icon" sizes="72x72"> <link href="/templates/joomla/images/apple-touch-icon-57x57.png" rel="apple-touch-icon" sizes="57x57"> <link href="/templates/joomla/images/apple-touch-icon.png" rel="apple-touch-icon"> <link href="https://developer.joomla.org/search.opensearch" rel="search" title="OpenSearch Joomla! 
Developer Network™" type="application/opensearchdescription+xml"> <link href="/templates/joomla/favicon.ico" rel="icon" type="image/vnd.microsoft.icon"> <link href="/media/system/css/joomla-fontawesome.min.css?dde9c780ad8e78890daeddcd06b19d2b" rel="stylesheet" /> <link href="https://cdn.joomla.org/template/css/template_4.0.9.min.css?dde9c780ad8e78890daeddcd06b19d2b" rel="stylesheet" /> <link href="https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&display=swap" rel="stylesheet" crossorigin="anonymous" /> <link href="/media/vendor/awesomplete/css/awesomplete.css?1.1.5" rel="stylesheet" /> <link href="/media/vendor/joomla-custom-elements/css/joomla-alert.min.css?0.2.0" rel="stylesheet" /> <link href="/media/templates/site/joomla/css/custom.css?dde9c780ad8e78890daeddcd06b19d2b" rel="stylesheet" /> <script src="/media/templates/site/joomla/js/blockadblock.js?3.2.1" defer></script> <script src="/media/templates/site/joomla/js/js.cookie.js?2.1.4" defer></script> <script src="/media/vendor/skipto/js/skipto.min.js?4.1.7" defer></script> <script src="/media/templates/site/joomla/js/template.js?dde9c780ad8e78890daeddcd06b19d2b" defer></script> <script src="/media/mod_menu/js/menu-es5.min.js?dde9c780ad8e78890daeddcd06b19d2b" nomodule defer></script> <script type="application/json" class="joomla-script-options new">{"skipto-settings":{"settings":{"skipTo":{"enableActions":false,"enableHeadingLevelShortcuts":false,"accesskey":"9","displayOption":"popup","buttonLabel":"Keyboard Navigation","buttonTooltipAccesskey":"Access key is $key","landmarkGroupLabel":"Landmarks","headingGroupLabel":"Page Outline","mofnGroupLabel":" ($m of $n)","headingLevelLabel":"Heading level","mainLabel":"Main","searchLabel":"Search","navLabel":"Navigation","regionLabel":"Region","asideLabel":"Aside","footerLabel":"Footer","headerLabel":"Header","formLabel":"Form","msgNoLandmarksFound":"No landmarks to skip to","msgNoHeadingsFound":"No headings to skip to","headings":"h1, h2, 
h3","landmarks":"main, nav, search, aside, header, footer, form","attachElement":".navigation"}}},"joomla.jtext":{"MOD_FINDER_SEARCH_VALUE":"Search …","JLIB_JS_AJAX_ERROR_OTHER":"An error has occurred while fetching the JSON data: HTTP %s status code.","JLIB_JS_AJAX_ERROR_PARSE":"A parse error has occurred while processing the following JSON data:<br><code style=\"color:inherit;white-space:pre-wrap;padding:0;margin:0;border:0;background:inherit;\">%s<\/code>","ERROR":"Error","MESSAGE":"Message","NOTICE":"Notice","WARNING":"Warning","JCLOSE":"Close","JOK":"OK","JOPEN":"Open"},"finder-search":{"url":"\/component\/finder\/?task=suggestions.suggest&format=json&tmpl=component&Itemid=435"},"system.paths":{"root":"","rootFull":"https:\/\/developer.joomla.org\/","base":"","baseFull":"https:\/\/developer.joomla.org\/"},"csrf.token":"1e2024a4a2008cc94cb63151b34606b0"}</script> <script src="/media/system/js/core.min.js?37ffe4186289eba9c5df81bea44080aff77b9684"></script> <script src="/media/vendor/bootstrap/js/bootstrap-es5.min.js?5.3.2" nomodule defer></script> <script src="/media/com_finder/js/finder-es5.min.js?e6d3d1f535e33b5641e406eb08d15093e7038cc2" nomodule defer></script> <script src="/media/system/js/messages-es5.min.js?c29829fd2432533d05b15b771f86c6637708bd9d" nomodule defer></script> <script src="/media/vendor/bootstrap/js/collapse.min.js?5.3.2" type="module"></script> <script src="/media/vendor/bootstrap/js/dropdown.min.js?5.3.2" type="module"></script> <script src="/media/vendor/awesomplete/js/awesomplete.min.js?1.1.5" defer></script> <script src="/media/com_finder/js/finder.min.js?a2c3894d062787a266d59d457ffba5481b639f64" type="module"></script> <script src="/media/system/js/messages.min.js?7f7aa28ac8e8d42145850e8b45b3bc82ff9a6411" type="module"></script> <script 
type="application/ld+json">{"@context":"https:\/\/schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"https:\/\/developer.joomla.org\/","name":"Home"}},{"@type":"ListItem","position":2,"item":{"@id":"https:\/\/developer.joomla.org\/security-centre.html","name":"Security Announcements"}}]}</script> <script> var _prum = [['id', '59300ad15992c776ad970068'], ['mark', 'firstbyte', (new Date()).getTime()]]; (function() { var s = document.getElementsByTagName('script')[0] , p = document.createElement('script'); p.async = 'async'; p.src = 'https://rum-static.pingdom.net/prum.min.js'; s.parentNode.insertBefore(p, s); })(); </script> </head> <body class="site com_content view-category layout-blog task-display itemid-565"> <!-- Google Tag Manager --> <noscript><iframe src="https://www.googletagmanager.com/ns.html?id=GTM-WJ36D4" height="0" width="0" style="display:none;visibility:hidden"></iframe></noscript> <script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src='https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);})(window,document,'script','dataLayer','GTM-WJ36D4');</script> <!-- End Google Tag Manager --> <!-- Top Nav --> <nav class="navigation" role="navigation" aria-label="Cross Site Menu"> <div id="mega-menu" class="navbar navbar-expand-md py-md-1"> <div class="container-xxl"> <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#primaryMenu" aria-controls="primaryMenu" aria-expanded="false" aria-label="Toggle navigation"> <span class="navbar-toggler-icon"></span> </button> <div class="navbar-collapse collapse" id="primaryMenu"> <ul id="nav-joomla" class="navbar-nav"> <li class="dropdown"> <button type="button" class="btn dropdown-toggle" data-bs-toggle="dropdown" aria-expanded="false"> <span dir="ltr"><span 
aria-hidden="true" class="fab fa-joomla"></span> Joomla!<sup>®</sup></span> <span class="caret"></span> </button> <ul class="dropdown-menu"> <li class="dropdown-item nav-header"><span>About us</span></li> <li> <a class="dropdown-item" href="https://www.joomla.org"> <span aria-hidden="true" class="icon-joomla"></span> Joomla Home </a> </li> <li><a class="dropdown-item" href="https://www.joomla.org/about-joomla.html">What is Joomla?</a></li> <li><a class="dropdown-item" href="https://www.joomla.org/core-features.html">Benefits & Features</a></li> <li><a class="dropdown-item" href="https://www.joomla.org/about-joomla/the-project.html">Project & Leadership</a></li> <li><a class="dropdown-item" href="https://tm.joomla.org">Trademark & Licensing</a></li> <li><a class="dropdown-item" href="https://joomlafoundation.org">The Joomla Foundation</a></li> <li class="dropdown-divider"></li> <li class="dropdown-item nav-header"><span>Support us</span></li> <li><a class="dropdown-item" href="https://www.joomla.org/contribute-to-joomla.html">Contribute</a></li> <li><a class="dropdown-item" href="https://www.joomla.org/sponsor.html">Sponsor</a></li> <li><a class="dropdown-item" href="https://www.joomla.org/about-joomla/partners.html">Partner</a></li> <li><a class="dropdown-item" href="https://shop.joomla.org">Shop</a></li> </ul> </li> <li class="dropdown"> <button type="button" class="btn dropdown-toggle" data-bs-toggle="dropdown" aria-expanded="false"> Download & Extend <span class="caret"></span> </button> <ul class="dropdown-menu"> <li><a class="dropdown-item" href="https://downloads.joomla.org">Downloads</a></li> <li><a class="dropdown-item" href="https://extensions.joomla.org">Extensions</a></li> <li><a class="dropdown-item" href="https://community.joomla.org/translations.html">Languages</a></li> <li><a class="dropdown-item" href="https://launch.joomla.org">Get a free site</a></li> <li><a class="dropdown-item" href="https://domains.joomla.org">Get a domain</a></li> </ul> </li> 
<li class="dropdown"> <button type="button" class="btn dropdown-toggle" data-bs-toggle="dropdown" aria-expanded="false"> Discover & Learn <span class="caret"></span> </button> <ul class="dropdown-menu"> <li><a class="dropdown-item" href="https://docs.joomla.org">Documentation</a></li> <li><a class="dropdown-item" href="https://community.joomla.org/joomla-training.html">Training</a></li> <li><a class="dropdown-item" href="https://certification.joomla.org">Certification</a></li> <li><a class="dropdown-item" href="https://showcase.joomla.org">Site Showcase</a></li> <li><a class="dropdown-item" href="https://www.joomla.org/announcements.html">Announcements</a></li> <li><a class="dropdown-item" href="https://community.joomla.org/blogs.html">Blogs</a></li> <li><a class="dropdown-item" href="https://magazine.joomla.org">Magazine</a></li> </ul> </li> <li class="dropdown"> <button type="button" class="btn dropdown-toggle" data-bs-toggle="dropdown" aria-expanded="false"> Community & Support <span class="caret"></span> </button> <ul class="dropdown-menu"> <li><a class="dropdown-item" href="https://community.joomla.org">Community Portal</a></li> <li><a class="dropdown-item" href="https://community.joomla.org/events.html">Events</a></li> <li><a class="dropdown-item" href="https://community.joomla.org/user-groups.html">User Groups</a></li> <li><a class="dropdown-item" href="https://forum.joomla.org">Forum</a></li> <li><a class="dropdown-item" href="https://community.joomla.org/service-providers-directory.html">Service Providers Directory</a></li> <li><a class="dropdown-item" href="https://volunteers.joomla.org">Volunteers Portal</a></li> <li><a class="dropdown-item" href="https://extensions.joomla.org/vulnerable-extensions/vulnerable/">Vulnerable Extensions List</a></li> </ul> </li> <li class="dropdown"> <button type="button" class="btn dropdown-toggle" data-bs-toggle="dropdown" aria-expanded="false"> Developer Resources <span class="caret"></span> </button> <ul 
class="dropdown-menu"> <li><a class="dropdown-item" href="https://developer.joomla.org">Developer Network</a></li> <li><a class="dropdown-item" href="https://developer.joomla.org/security.html">Security Centre</a></li> <li><a class="dropdown-item" href="https://issues.joomla.org">Issue Tracker</a></li> <li><a class="dropdown-item" href="https://github.com/joomla">GitHub</a></li> <li><a class="dropdown-item" href="https://api.joomla.org">API Documentation</a></li> <li><a class="dropdown-item" href="https://framework.joomla.org"><span dir="ltr">Joomla!</span> Framework</a></li> </ul> </li> </ul> <div id="nav-search" class="navbar-search float-md-end"> <form class="mod-finder js-finder-searchform form-search" action="/search.html" method="get" role="search"> <label for="mod-finder-searchword84" class="visually-hidden finder">Search</label><input type="text" name="q" id="mod-finder-searchword84" class="js-finder-search-query form-control" value="" placeholder="Search …"> </form> </div> </div> </div> </div> </nav> <!-- Header --> <header class="header"> <div class="container-md"> <div class="row"> <div class="col-md-7"> <h1 class="page-title"> <a href="/"> <img height="50px;" src="https://cdn.joomla.org/images/joomla-colours-logo.svg" alt="Joomla!" 
class="site-logo me-2 mb-1"> Developer Network™ </a> </h1> </div> <div class="col-md-5"> <div class="btn-toolbar pt-md-1 row"> <div class="btn-group col-6"> <a href="https://downloads.joomla.org/" class="btn btn-lg btn-warning">Download</a> </div> <div class="btn-group col-6"> <a href="https://launch.joomla.org" class="btn btn-lg btn-primary">Launch<span aria-hidden="true" class="icon-rocket"></span></a> </div> </div> </div> </div> </div> </header> <nav class="subnav-wrapper" aria-label="Primary Menu"> <div class="subnav"> <div class="container-md"> <ul class="mod-menu mod-list nav nav-pills"> <li class="nav-item item-435 default"><a href="/" class="nav-link">Home</a></li><li class="nav-item item-465"><a href="/news.html" class="nav-link">News</a></li><li class="nav-item item-743"><a href="/roadmap.html" class="nav-link">Project Roadmap</a></li><li class="nav-item item-479 parent"><a href="/cms.html" class="nav-link">CMS</a></li><li class="nav-item item-478 parent"><a href="/framework.html" class="nav-link">Framework</a></li><li class="nav-item item-480 parent"><a href="/tracker.html" class="nav-link">Tracker</a></li><li class="nav-item item-482 parent"><a href="/about.html" class="nav-link">About</a></li><li class="nav-item item-516"><a href="/security.html" class="nav-link">Security</a></li></ul> </div> </div> </nav> <!-- Body --> <div class="body"> <div class="container"> <div class="row"> <main id="content" class="col-md-9"> <!-- Begin Content --> <div id="system-message-container" aria-live="polite"></div> <div class="com-content-category-blog blog" itemscope itemtype="https://schema.org/Blog"> <div class="page-header"> <h1> Security Announcements </h1> </div> <div class="category-desc clearfix"> <p class="lead">This feed provides announcements of resolved security issues in Joomla! software releases.</p> <p>For more information about the Joomla! 
Security Strike Team (JSST) and its processes, please review our <a href="/security.html">Security</a> article.</p> <p>To report potential security issues, please follow the guidelines in the above-referenced article. Please note that we are only able to provide support for the Joomla! CMS, Joomla! Framework, and *.joomla.org network of websites.</p> <p>You can subscribe to notifications from this feed through an <a href="/security-centre.feed?type=rss">RSS reader</a>.</p> </div> <div class="com-content-category-blog__items blog-items "> <div class="com-content-category-blog__item blog-item" itemprop="blogPost" itemscope itemtype="https://schema.org/BlogPosting"> <div class="page-header"> <h2 itemprop="name"> <a href="/security-centre/929-20240205-core-inadequate-content-filtering-within-the-filter-code.html" itemprop="url"> [20240205] - Core - Inadequate content filtering within the filter code </a> </h2> </div> <div class="item-content"> <ul> <li><strong>Project:</strong> Joomla! / Joomla! Framework</li> <li><strong>SubProject:</strong> CMS / filter</li> <li><strong>Impact:</strong> Moderate</li> <li><strong>Severity:</strong> Moderate</li> <li><strong>Probability:</strong> Moderate</li> <li><strong>Versions: </strong>3.7.0-3.10.14-elts, 4.0.0-4.4.2, 5.0.0-5.0.2</li> <li><strong>Exploit type:</strong> XSS</li> <li><strong>Reported Date:</strong> 2023-11-22</li> <li><strong>Fixed Date:</strong> 2024-02-20</li> <li><strong>CVE Number:</strong> <a href="https://www.cve.org/CVERecord?id=CVE-2024-21726" target="_blank" rel="noopener noreferrer">CVE-2024-21726</a></li> </ul> <h3>Description</h3> <div>Inadequate content filtering leads to XSS vulnerabilities in various components.</div> <h3>Affected Installs</h3> <p>Joomla! CMS versions 3.7.0-3.10.14-elts, 4.0.0-4.4.2, 5.0.0-5.0.2</p> <h3>Solution</h3> <p>Upgrade to version 3.10.15-elts, 4.4.3 or 5.0.3</p> <h3>Contact</h3> <p>The JSST at the <a title="Contact the JSST" href="/security-centre.html">Joomla! 
Security Centre</a>.</p> </div> </div> <div class="com-content-category-blog__item blog-item" itemprop="blogPost" itemscope itemtype="https://schema.org/BlogPosting"> <div class="page-header"> <h2 itemprop="name"> <a href="/security-centre/928-20240204-core-xss-in-mail-address-outputs.html" itemprop="url"> [20240204] - Core - XSS in mail address outputs </a> </h2> </div> <div class="item-content"> <ul> <li><strong>Project:</strong> Joomla!</li> <li><strong>SubProject:</strong> CMS</li> <li><strong>Impact:</strong> Moderate</li> <li><strong>Severity:</strong> High</li> <li><strong>Probability:</strong> High</li> <li><strong>Versions: </strong>4.0.0-4.4.2, 5.0.0-5.0.2</li> <li><strong>Exploit type:</strong> XSS</li> <li><strong>Reported Date:</strong> 2024-01-30</li> <li><strong>Fixed Date:</strong> 2024-02-20</li> <li><strong>CVE Number:</strong> <a href="https://www.cve.org/CVERecord?id=CVE-2024-21725" target="_blank" rel="noopener noreferrer">CVE-2024-21725</a></li> </ul> <h3>Description</h3> <div>Inadequate escaping of mail addresses leads to XSS vulnerabilities in various components.</div> <h3>Affected Installs</h3> <p>Joomla! CMS versions 4.0.0-4.4.2, 5.0.0-5.0.2</p> <h3>Solution</h3> <p>Upgrade to version 4.4.3 or 5.0.3</p> <h3>Contact</h3> <p>The JSST at the <a title="Contact the JSST" href="/security-centre.html">Joomla! 
Security Centre</a>.</p> </div> </div> <div class="com-content-category-blog__item blog-item" itemprop="blogPost" itemscope itemtype="https://schema.org/BlogPosting"> <div class="page-header"> <h2 itemprop="name"> <a href="/security-centre/927-20240203-core-xss-in-media-selection-fields.html" itemprop="url"> [20240203] - Core - XSS in media selection fields </a> </h2> </div> <div class="item-content"> <ul> <li><strong>Project:</strong> Joomla!</li> <li><strong>SubProject:</strong> CMS</li> <li><strong>Impact:</strong> Moderate</li> <li><strong>Severity:</strong> Moderate</li> <li><strong>Probability:</strong> Moderate</li> <li><strong>Versions: </strong>1.6.0-3.10.14-elts, 4.0.0-4.4.2, 5.0.0-5.0.2</li> <li><strong>Exploit type:</strong> XSS</li> <li><strong>Reported Date:</strong> 2024-01-09</li> <li><strong>Fixed Date:</strong> 2024-02-20</li> <li><strong>CVE Number:</strong> <a href="https://www.cve.org/CVERecord?id=CVE-2024-21724" target="_blank" rel="noopener noreferrer">CVE-2024-21724</a></li> </ul> <h3>Description</h3> <div>Inadequate input validation for media selection fields leads to XSS vulnerabilities in various extensions.</div> <h3>Affected Installs</h3> <p>Joomla! CMS versions 1.6.0 - 3.10.14-elts, 4.0.0-4.4.2, 5.0.0-5.0.2</p> <h3>Solution</h3> <p>Upgrade to version 3.10.15-elts, 4.4.3 or 5.0.3</p> <h3>Contact</h3> <p>The JSST at the <a title="Contact the JSST" href="/security-centre.html">Joomla! 
Security Centre</a>.</p> </div> </div> <div class="com-content-category-blog__item blog-item" itemprop="blogPost" itemscope itemtype="https://schema.org/BlogPosting"> <div class="page-header"> <h2 itemprop="name"> <a href="/security-centre/926-20240202-core-open-redirect-in-installation-application.html" itemprop="url"> [20240202] - Core - Open redirect in installation application </a> </h2> </div> <div class="item-content"> <ul> <li><strong>Project:</strong> Joomla!</li> <li><strong>SubProject:</strong> CMS</li> <li><strong>Impact:</strong> Low</li> <li><strong>Severity:</strong> Low</li> <li><strong>Probability:</strong> Low</li> <li><strong>Versions: </strong>1.5.0 - 3.10.14-elts, 4.0.0-4.4.2, 5.0.0-5.0.2</li> <li><strong>Exploit type:</strong> Open Redirect</li> <li><strong>Reported Date:</strong> 2023-11-08</li> <li><strong>Fixed Date:</strong> 2024-02-20</li> <li><strong>CVE Number:</strong> <a href="https://www.cve.org/CVERecord?id=CVE-2024-21723" target="_blank" rel="noopener noreferrer">CVE-2024-21723</a></li> </ul> <h3>Description</h3> <div>Inadequate parsing of URLs could result in an open redirect.</div> <h3>Affected Installs</h3> <p>Joomla! CMS versions 1.5.0 - 3.10.14-elts, 4.0.0-4.4.2, 5.0.0-5.0.2</p> <h3>Solution</h3> <p>Upgrade to version 3.10.15-elts, 4.4.3 or 5.0.3</p> <h3>Contact</h3> <p>The JSST at the <a title="Contact the JSST" href="/security-centre.html">Joomla! 
Security Centre</a>.</p> </div> </div> <div class="com-content-category-blog__item blog-item" itemprop="blogPost" itemscope itemtype="https://schema.org/BlogPosting"> <div class="page-header"> <h2 itemprop="name"> <a href="/security-centre/925-20240201-core-insufficient-session-expiration-in-mfa-management-views.html" itemprop="url"> [20240201] - Core - Insufficient session expiration in MFA management views </a> </h2> </div> <div class="item-content"> <ul> <li><strong>Project:</strong> Joomla!</li> <li><strong>SubProject:</strong> CMS</li> <li><strong>Impact:</strong> Low</li> <li><strong>Severity:</strong> Low</li> <li><strong>Probability:</strong> Low</li> <li><strong>Versions: </strong>3.2.0-3.10.14-elts, 4.0.0-4.4.2, 5.0.0-5.0.2</li> <li><strong>Exploit type:</strong> Insufficient Session Expiration</li> <li><strong>Reported Date:</strong> 2023-11-29</li> <li><strong>Fixed Date:</strong> 2024-02-20</li> <li><strong>CVE Number:</strong> <a href="https://www.cve.org/CVERecord?id=CVE-2024-21722" target="_blank" rel="noopener noreferrer">CVE-2024-21722</a></li> </ul> <h3>Description</h3> <div>The MFA management features did not properly terminate existing user sessions when a user's MFA methods have been modified.</div> <h3>Affected Installs</h3> <p>Joomla! CMS versions 3.2.0-3.10.14-elts, 4.0.0-4.4.2, 5.0.0-5.0.2</p> <h3>Solution</h3> <p>Upgrade to version 3.10.15-elts, 4.4.3 or 5.0.3</p> <h3>Contact</h3> <p>The JSST at the <a title="Contact the JSST" href="/security-centre.html">Joomla! 
Security Centre</a>.</p> </div> </div> <div class="com-content-category-blog__item blog-item" itemprop="blogPost" itemscope itemtype="https://schema.org/BlogPosting"> <div class="page-header"> <h2 itemprop="name"> <a href="/security-centre/919-20231101-core-exposure-of-environment-variables.html" itemprop="url"> [20231101] - Core - Exposure of environment variables </a> </h2> </div> <div class="item-content"> <ul> <li><strong>Project:</strong> Joomla!</li> <li><strong>SubProject:</strong> CMS</li> <li><strong>Impact:</strong> High</li> <li><strong>Severity:</strong> High</li> <li><strong>Probability:</strong> Low</li> <li><strong>Versions: </strong>1.6.0-4.4.0, 5.0.0</li> <li><strong>Exploit type:</strong> Information Disclosure</li> <li><strong>Reported Date:</strong> 2023-07-14</li> <li><strong>Fixed Date:</strong> 2023-11-21</li> <li><strong>CVE Number:</strong> <a href="https://www.cve.org/CVERecord?id=CVE-2023-40626" target="_blank" rel="noopener noreferrer">CVE-2023-40626</a></li> </ul> <h3>Description</h3> <div>The language file parsing process could be manipulated to expose environment variables. Environment variables might contain sensitive information.</div> <h3>Affected Installs</h3> <p>Joomla! CMS versions 1.6.0-4.4.0, 5.0.0</p> <h3>Solution</h3> <p>Upgrade to version 3.10.14-elts, 4.4.1 or 5.0.1</p> <h3>Contact</h3> <p>The JSST at the <a title="Contact the JSST" href="/security-centre.html">Joomla! 
Security Centre</a>.</p> </div> </div> <div class="com-content-category-blog__item blog-item" itemprop="blogPost" itemscope itemtype="https://schema.org/BlogPosting"> <div class="page-header"> <h2 itemprop="name"> <a href="/security-centre/900-20230502-core-bruteforce-prevention-within-the-mfa-screen.html" itemprop="url"> [20230502] - Core - Bruteforce prevention within the mfa screen </a> </h2> </div> <div class="item-content"> <ul> <li><strong>Project:</strong> Joomla!</li> <li><strong>SubProject:</strong> CMS</li> <li><strong>Impact:</strong> Critical</li> <li><strong>Severity:</strong> Moderate</li> <li><strong>Probability:</strong> Low</li> <li><strong>Versions: </strong>4.2.0-4.3.1</li> <li><strong>Exploit type:</strong> Lack of rate limiting</li> <li><strong>Reported Date:</strong> 2023-04-29</li> <li><strong>Fixed Date:</strong> 2023-05-30</li> <li><strong>CVE Number:</strong> <a href="https://www.cve.org/CVERecord?id=CVE-2023-23755" target="_blank" rel="noopener noreferrer">CVE-2023-23755</a></li> </ul> <h3>Description</h3> <div>The lack of rate limiting allows brute force attacks against MFA methods.</div> <h3>Affected Installs</h3> <p>Joomla! CMS versions 4.2.0-4.3.1</p> <h3>Solution</h3> <p>Upgrade to version 4.3.2</p> <h3>Contact</h3> <p>The JSST at the <a title="Contact the JSST" href="/security-centre.html">Joomla! 
Security Centre</a>.</p> <div class="alert alert-info"><strong>Reported By: </strong> Phil Taylor</div> </div> </div> <div class="com-content-category-blog__item blog-item" itemprop="blogPost" itemscope itemtype="https://schema.org/BlogPosting"> <div class="page-header"> <h2 itemprop="name"> <a href="/security-centre/899-20230501-core-open-redirects-and-xss-within-the-mfa-selection.html" itemprop="url"> [20230501] - Core - Open Redirects and XSS within the mfa selection </a> </h2> </div> <div class="item-content"> <ul> <li><strong>Project:</strong> Joomla!</li> <li><strong>SubProject:</strong> CMS</li> <li><strong>Impact:</strong> Low</li> <li><strong>Severity:</strong> <span class="label label-info">Low</span></li> <li><strong>Probability:</strong> Low</li> <li><strong>Versions: </strong>4.2.0-4.3.1</li> <li><strong>Exploit type:</strong> Open Redirect / XSS</li> <li><strong>Reported Date:</strong> 2023-02-28</li> <li><strong>Fixed Date:</strong> 2023-05-28</li> <li><strong>CVE Number:</strong> <a href="https://www.cve.org/CVERecord?id=CVE-2023-23754" target="_blank" rel="noopener noreferrer">CVE-2023-23754</a></li> </ul> <h3>Description</h3> <div>Lack of input validation caused an open redirect and XSS issue within the new mfa selection screen.</div> <h3>Affected Installs</h3> <p>Joomla! CMS versions 4.2.0-4.3.1</p> <h3>Solution</h3> <p>Upgrade to version 4.3.2</p> <h3>Contact</h3> <p>The JSST at the <a title="Contact the JSST" href="/security-centre.html">Joomla! 
Security Centre</a>.</p> <div class="alert alert-info"><strong>Reported By: </strong> <a href="https://huntr.dev/users/srpopty/" target="_blank" rel="nofollow noopener">Srpopty from huntr.dev</a></div> </div> </div> <div class="com-content-category-blog__item blog-item" itemprop="blogPost" itemscope itemtype="https://schema.org/BlogPosting"> <div class="page-header"> <h2 itemprop="name"> <a href="/security-centre/894-20230201-core-improper-access-check-in-webservice-endpoints.html" itemprop="url"> [20230201] - Core - Improper access check in webservice endpoints </a> </h2> </div> <div class="item-content"> <ul> <li><strong>Project:</strong> Joomla!</li> <li><strong>SubProject:</strong> CMS</li> <li><strong>Impact:</strong> Critical</li> <li><strong>Severity:</strong> <span class="label label-info">High</span></li> <li><strong>Probability:</strong> High</li> <li><strong>Versions: </strong>4.0.0-4.2.7</li> <li><strong>Exploit type:</strong> Incorrect Access Control</li> <li><strong>Reported Date:</strong> 2023-02-13</li> <li><strong>Fixed Date:</strong> 2023-02-16</li> <li><strong>CVE Number:</strong> <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23752" target="_blank" rel="noopener noreferrer">CVE-2023-23752</a></li> </ul> <h3>Description</h3> <div> <div>An improper access check allows unauthorized access to webservice endpoints.</div> </div> <h3>Affected Installs</h3> <p>Joomla! CMS versions 4.0.0-4.2.7</p> <h3>Solution</h3> <p>Upgrade to version 4.2.8</p> <h3>Contact</h3> <p>The JSST at the <a title="Contact the JSST" href="/security-centre.html">Joomla! 
Security Centre</a>.</p> <div class="alert alert-info"><strong>Reported By: </strong> Zewei Zhang from NSFOCUS TIANJI Lab</div> </div> </div> <div class="com-content-category-blog__item blog-item" itemprop="blogPost" itemscope itemtype="https://schema.org/BlogPosting"> <div class="page-header"> <h2 itemprop="name"> <a href="/security-centre/887-20221101-core-rxss-through-reflection-of-user-input-in-com-media.html" itemprop="url"> [20221101] - Core - RXSS through reflection of user input in com_media </a> </h2> </div> <div class="item-content"> <ul> <li><strong>Project:</strong> Joomla!</li> <li><strong>SubProject:</strong> CMS</li> <li><strong>Impact:</strong> Low</li> <li><strong>Severity:</strong> <span class="label label-info">Low</span></li> <li><strong>Probability:</strong> Low</li> <li><strong>Versions: </strong>4.0.0-4.2.4</li> <li><strong>Exploit type:</strong> Reflected XSS</li> <li><strong>Reported Date:</strong> 2022-10-28</li> <li><strong>Fixed Date:</strong> 2022-11-08</li> <li><strong>CVE Number:</strong> <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27914" target="_blank" rel="noopener noreferrer">CVE-2022-27914</a></li> </ul> <h3>Description</h3> <div> <div>Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in com_media.</div> </div> <h3>Affected Installs</h3> <p>Joomla! CMS versions 4.0.0-4.2.4</p> <h3>Solution</h3> <p>Upgrade to version 4.2.5</p> <h3>Contact</h3> <p>The JSST at the <a title="Contact the JSST" href="/security-centre.html">Joomla! 
Security Centre</a>.</p> <div class="alert alert-info"><strong>Reported By: </strong>https://github.com/Denitz</div> </div> </div> </div> <div class="com-content-category-blog__navigation w-100"> <p class="com-content-category-blog__counter counter float-md-end pt-3 pe-2"> Page 2 of 27 </p> <div class="com-content-category-blog__pagination"> <nav class="pagination__wrapper" aria-label="Pagination"> <ul class="pagination ms-0 mb-4"> <li class="page-item"> <a aria-label="Go to first page" href="/security-centre.html" class="page-link"> <span class="icon-angle-double-left" aria-hidden="true"></span> </a> </li> <li class="page-item"> <a aria-label="Go to previous page" href="/security-centre.html" class="page-link"> <span class="icon-angle-left" aria-hidden="true"></span> </a> </li> <li class="page-item d-none d-sm-block"> <a aria-label="Go to page 1" href="/security-centre.html" class="page-link"> 1 </a> </li> <li class="active page-item"> <a aria-current="true" aria-label="Page 2" href="#" class="page-link">2</a> </li> <li class="page-item d-none d-sm-block"> <a aria-label="Go to page 3" href="/security-centre.html?start=20" class="page-link"> 3 </a> </li> <li class="page-item d-none d-sm-block"> <a aria-label="Go to page 4" href="/security-centre.html?start=30" class="page-link"> 4 </a> </li> <li class="page-item d-none d-sm-block"> <a aria-label="Go to page 5" href="/security-centre.html?start=40" class="page-link"> 5 </a> </li> <li class="page-item d-none d-sm-block"> <a aria-label="Go to page 6" href="/security-centre.html?start=50" class="page-link"> 6 </a> </li> <li class="page-item d-none d-sm-block"> <a aria-label="Go to page 7" href="/security-centre.html?start=60" class="page-link"> 7 </a> </li> <li class="page-item d-none d-sm-block"> <a aria-label="Go to page 8" href="/security-centre.html?start=70" class="page-link"> 8 </a> </li> <li class="page-item d-none d-sm-block"> <a aria-label="Go to page 9" href="/security-centre.html?start=80" class="page-link"> 