Newsfeeds
Security Announcements


  • [20190206] - Core - Implement the TYPO3 PHAR stream wrapper
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Low
    • Severity: Low
    • Versions: 2.5.0 through 3.9.2
    • Exploit type: Object Injection
    • Reported Date: 2019-January-18
    • Fixed Date: 2019-February-12
    • CVE Number: CVE-2019-7743

    Description

    The phar:// stream wrapper can be used for objection injection attacks. We now disallow usage of the phar:// handler for non .phar-files within the CMS globally by implementing the TYPO3 PHAR stream wrapper.

    Affected Installs

    Joomla! CMS versions 2.5.0 through 3.9.2

    Solution

    Upgrade to version 3.9.3

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By: David Jardin (JSST)


  • [20190205] - Core - XSS Issue in core.js writeDynaList
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Low
    • Severity: Low
    • Versions: 2.5.0 through 3.9.2
    • Exploit type: XSS
    • Reported Date: 2018-October-07
    • Fixed Date: 2019-February-12
    • CVE Number: CVE-2019-7740

    Description

    Inadequate parameter handling in JS code could lead to an XSS attack vector.

    Affected Installs

    Joomla! CMS versions 2.5.0 through 3.9.2

    Solution

    Upgrade to version 3.9.3

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By: Dimitris Grammatikogiannis


  • [20190204] - Core - Stored XSS issue in the Global Configuration help url #2
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Low
    • Severity: Low
    • Versions: 2.5.0 through 3.9.2
    • Exploit type: XSS
    • Reported Date: 2019-January-16
    • Fixed Date: 2019-February-12
    • CVE Number: CVE-2019-7741

    Description

    Inadequate checks at the Global Configuration helpurl settings allowed a stored XSS.

    Affected Installs

    Joomla! CMS versions 2.5.0 through 3.9.2

    Solution

    Upgrade to version 3.9.3

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By: Antonin Steinhauser


  • [20190203] - Core - Additional warning in the Global Configuration textfilter settings
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Low
    • Severity: Low
    • Versions: 2.5.0 through 3.9.2
    • Exploit type: XSS
    • Reported Date: 2019-January-17
    • Fixed Date: 2019-February-12
    • CVE Number: CVE-2019-7739

    Description

    "No Filtering" textfilter overrides child settings in the Global Configuration. This is intended behavior but might be unexpected for the user. An additional message is now shown in the configuration dialog.

    Affected Installs

    Joomla! CMS versions 2.5.0 through 3.9.2

    Solution

    Upgrade to version 3.9.3

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By: Raviraj Powar


  • [20190202] - Core - Browserside mime-type sniffing causes XSS attack vectors
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Low
    • Severity: Low
    • Versions: 1.0.0 through 3.9.2
    • Exploit type: XSS
    • Reported Date: 2018-September-24
    • Fixed Date: 2019-February-12
    • CVE Number: CVE-2019-7742

    Description

    A combination of specific webserver configurations, in connection with specific file types and browserside mime-type sniffing causes a XSS attack vector.

    Affected Installs

    Joomla! CMS versions 1.0.0 through 3.9.2

    Solution

    Upgrade to version 3.9.3

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By: Hanno Böck