Joomla XSS Bugs Open Millions of Websites to RCE
Improper content filtering in a core function allows multiple paths to exploitation for CVE-2024-21726.
The Joomla open source content management system (CMS) is vulnerable to multiple cross-site scripting (XSS) security vulnerabilities that could allow remote code execution (RCE).
Sonar's Vulnerability Research Team discovered that one fundamental flaw, tracked as CVE-2024-21726, is at the heart of the issues. It affects Joomla's core filter component.
"Inadequate content filtering leads to XSS vulnerabilities in various components," according to Joomla's advisory, which called the bug "moderate" but did not include a CVSS vulnerability-severity score.
Attackers exploit XSS bugs to inject malicious scripts into otherwise benign, trusted websites; those scripts can steal visitor information, perform malicious redirects, or infect users with malware. In this case, the issues are triggered by convincing an administrator to click a malicious link, so the injected script runs with the administrator's privileges in the Joomla backend.
Joomla powers around 2% of all websites, and most deployments are publicly accessible, which makes it an ongoing target for threat actors. The issue is patched in Joomla 5.0.3 and 4.4.3, released today, so users should update as soon as possible.
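The advisory's phrase "inadequate content filtering" is the general failure class behind most XSS bugs: a filter that removes known-bad markup instead of encoding output for the context it lands in. The following Python is an added illustration of that class and is not Joomla's filter code or anything derived from CVE-2024-21726; the `naive_filter` blocklist, the `VectorFinder` checker and the payload strings are all constructed for this example.

```python
import html
import re
from html.parser import HTMLParser

# Constructed payloads for the demonstration; none are taken from the Joomla advisory.
PAYLOADS = [
    '<script>alert(1)</script>',                 # the only case the blocklist handles
    '<img src=x onerror=alert(1)>',              # event handler, no <script> tag at all
    '<a href="javascript:alert(1)">link</a>',    # javascript: URL in an attribute
    '<scr<script>ipt>alert(1)</script>',         # nested tag: single-pass removal reassembles it
]

# Blocklist approach: strip <script ...> and </script> tags and pass the rest through.
# Hypothetical "inadequate" filter; it is one regex pass over the input.
SCRIPT_TAG = re.compile(r'</?script\b[^>]*>', re.IGNORECASE)


def naive_filter(untrusted: str) -> str:
    """Remove script tags and trust whatever remains (the inadequate approach)."""
    return SCRIPT_TAG.sub('', untrusted)


def escape_for_html_text(untrusted: str) -> str:
    """Context-aware output encoding for an HTML text node: nothing becomes markup."""
    return html.escape(untrusted, quote=True)


class VectorFinder(HTMLParser):
    """Parse rendered markup the way a browser would and report executable vectors."""

    def __init__(self) -> None:
        super().__init__()
        self.vectors: list[str] = []

    def handle_starttag(self, tag, attrs):
        if tag == 'script':
            self.vectors.append('script tag')
        for name, value in attrs:
            if name.startswith('on'):
                self.vectors.append(f'{tag}@{name}')
            if name in ('href', 'src') and value and value.strip().lower().startswith('javascript:'):
                self.vectors.append(f'{tag}@{name}=javascript:')


def find_vectors(markup: str) -> list[str]:
    """Return the executable vectors a browser would see in this markup (empty = safe)."""
    finder = VectorFinder()
    finder.feed(markup)
    finder.close()
    return finder.vectors


def evaluate(filter_fn) -> list[str]:
    """Return the payloads that still carry an executable vector after filter_fn."""
    return [p for p in PAYLOADS if find_vectors(filter_fn(p))]


if __name__ == '__main__':
    print('survive naive_filter      :', evaluate(naive_filter))
    print('survive escape_for_html   :', evaluate(escape_for_html_text))
```

Running it shows that the blocklist stops only the first payload: event-handler attributes and `javascript:` URLs never contained a `<script>` tag, and the nested payload is reassembled into one by the single regex pass. Encoding the output for its HTML context defeats all four without needing to know any payload in advance, which is why output encoding rather than input filtering is the fix for this vulnerability class.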