Joomla XSS Bugs Open Millions of Websites to RCE
Improper content filtering in a core function allows multiple paths to exploitation for CVE-2024-21726.
The Joomla open source content management system (CMS) is vulnerable to multiple cross-site scripting (XSS) security vulnerabilities that could allow remote code execution (RCE).
Sonar's Vulnerability Research Team discovered that one fundamental flaw, tracked as CVE-2024-21726, is at the heart of the issues. It affects Joomla's core filter component.
"Inadequate content filtering leads to XSS vulnerabilities in various components," according to Joomla's advisory, which called the bug "moderate" but did not include a CVSS vulnerability-severity score.
Cyberattackers can exploit XSS bugs to inject malicious scripts into benign and trusted websites, which can in turn steal visitor information, perform malicious redirects, or infect users with malware. In this case, assailants can trigger the issues by convincing an administrator to click on a malicious link.
Joomla powers around 2% of all websites, with most deployments publicly accessible — making it an ongoing target for threat actors. The issue is patched in Joomla versions 5.0.3/4.4.3, released today, so users should update ASAP to avoid falling prey to attackers.
About the Author(s)
You May Also Like
Why Effective Asset Management is Critical to Enterprise Cybersecurity
May 21, 2024Finding Your Way on the Path to Zero Trust
May 22, 2024Extending Access Management: Securing Access for all Identities, Devices, and Applications
June 4, 2024Assessing Software Supply Chain Risk
June 6, 2024Preventing Attackers From Wandering Through Your Enterprise Infrastructure
June 19, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024