Unpatched Joomla! vulnerabilities

Follow

Summary

The Joomla! platform has had many security problems of various levels of importance reported over its lifetime.  Our scanners have detected one of the more serious vulnerabilities.  These vulnerabilities are typically addressed by simply updating your Joomla! installation to a more recent version.

If you need specific details for the vulnerabilities that our scanners have detected, please ask on your support ticket.

Impact

The impact will depend on the specific vulnerability detected.  In some cases, the vulnerability can be used to compromise your website; e.g. vandalize it or steal information such as user details.  In other cases, it can be used to attack the users of your site; e.g. to trick unsuspecting users into revealing passwords, credit card or banking details.

Solution

We recommend the following approach:

  • Find out what version of Joomla! your site is currently running.
  • Go to the Joomla! Security Announcements feed
  • Read through the recent announcements, and identify an appropriate version that 1) is newer than your current one, and 2) doesn't also have vulnerabilities.  Generally speaking, this will be the latest Joomla! version listed as a "Solution".
  • Upgrade.
  • Subscribe to a Joomla! security channel to get notifications of vulnerabilities as soon as they become known.

For more information on Joomla! Security issues, we recommend that you consult the Joomla! Security resources.

Have more questions? Submit a request

Comments

Powered by Zendesk