The Joomla open source content management system (CMS) has been found to be vulnerable to multiple cross-site scripting (XSS) security vulnerabilities, which have the potential to allow remote code execution (RCE). Sonar’s Vulnerability Research Team discovered a fundamental flaw, identified as CVE-2024-21726, at the core of these issues, impacting Joomla’s core filter component.
According to Joomla’s advisory, the inadequate content filtering within the filter code leads to XSS vulnerabilities in various components. While the bug has been labeled as “moderate” in severity, it did not receive a CVSS vulnerability-severity score. These XSS bugs can be exploited by cyberattackers to inject malicious scripts into trusted websites, leading to the theft of visitor information, malicious redirects, or the distribution of malware. The vulnerabilities can be triggered by convincing an administrator to click on a malicious link.
Joomla, which powers around 2% of all websites, has become an ongoing target for threat actors due to the majority of its deployments being publicly accessible. As a result, the platform has been the subject of targeted attacks against EMEA banks. To address these vulnerabilities, Joomla has released versions 5.0.3/4.4.3, which contain patches for the security issues. It is strongly advised that users update to these latest versions as soon as possible to protect themselves from potential attacks.
The impact of these vulnerabilities cannot be understated, as Joomla’s widespread usage means that a large number of websites could potentially be at risk. With this in mind, it is crucial for administrators and users of Joomla to stay informed about these security developments and take proactive measures to mitigate the associated risks.
Cybersecurity experts emphasize the importance of staying updated on security patches and software updates to ensure protection against emerging threats. Given the continuous evolution of cyber threats, maintaining an up-to-date and secure website is essential to safeguard against potential exploitation of vulnerabilities.
In conclusion, the security vulnerabilities discovered within Joomla’s CMS serve as a reminder of the ongoing need for robust cybersecurity practices. By promptly addressing these vulnerabilities and updating to the latest secure versions of Joomla, website owners and administrators can help minimize the risk of falling victim to potential cyberattacks. Additionally, raising awareness about these security issues within the broader web development and CMS communities is necessary to ensure that all stakeholders are equipped to respond effectively to emerging threats.