Joomla Security News

  • [20250901] - Core - Inadequate content filtering within the checkAttribute filter code

    • Project: Joomla! / Joomla! Framework
    • SubProject: CMS / filter
    • Impact: Moderate
    • Severity: Moderate
    • Probability: Moderate
    • Versions: 3.0.0-3.10.20-elts, 4.0.0-4.4.13, 5.0.0-5.3.3
    • Exploit type: XSS
    • Reported Date: 2025-08-03
    • Fixed Date: 2025-09-30
    • CVE Number: CVE-2025-54476

    Description

    Inadequate content filtering within the checkAttribute methods leads to XSS vulnerabilities in various components.

    Affected Installs

    Joomla! CMS versions 3.0.0-3.10.20-elts, 4.0.0-4.4.13, 5.0.0-5.3.3

    Solution

    Upgrade to version 4.4.14 or 5.3.4

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:  Flydragon, Poi, Cwy, Xtrimi

  • [20250902] - Core - User-Enumeration in passkey authentication method

    • Project: Joomla!
    • SubProject: CMS
    • Impact: Moderate
    • Severity: Low
    • Probability: Low
    • Versions: 4.0.0-4.4.13, 5.0.0-5.3.3
    • Exploit type: User Enumeration
    • Reported Date: 2025-09-04
    • Fixed Date: 2025-09-30
    • CVE Number: CVE-2025-54477

    Description

    Improper handling of authentication requests lead to a user enumeration vector in the passkey authentication method.

    Affected Installs

    Joomla! CMS versions 4.0.0-4.4.13, 5.0.0-5.3.3

    Solution

    Upgrade to version 4.4.14 or 5.3.4

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:  Marco Schubert

  • [20250401] - Framework - SQL injection vulnerability in quoteNameStr method of Database package

    • Project: Joomla!
    • SubProject: Framework
    • Impact: High
    • Severity: Low
    • Probability: Low
    • Versions:1.0.0-2.1.1, 3.0.0-3.3.1
    • Exploit type: SQL Injection
    • Reported Date: 2025-03-17
    • Fixed Date: 2025-04-02
    • CVE Number: CVE-2025-25226

    Description

    Improper handling of identifiers lead to a SQL injection vulnerability in the quoteNameStr method of the database package.

    Affected Installs

    Database Package version: 1.0.0-2.1.1, 3.0.0-3.3.1

    Please note: the affected method is a protected method. It has no usages in the original packages in neither the 2.x nor 3.x branch and therefore the vulnerability in question can not be exploited when using the original database class. However, classes extending the affected class might be affected, if the vulnerable method is used.

    Solution

    Upgrade to version 2.2.0 or 3.4.0

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:  Nicholas K. Dionysopoulos, akeeba.com

  • [20250402] - Core - MFA Authentication Bypass

    • Project: Joomla!
    • SubProject: CMS
    • Impact: High
    • Severity: Moderate
    • Probability: Moderate
    • Versions:4.0.0 - 4.4.12, 5.0.0 - 5.2.5
    • Exploit type: Authentication Bypass
    • Reported Date: 2025-03-20
    • Fixed Date: 2025-04-08
    • CVE Number: CVE-2025-25227

    Description

    Insufficient state checks lead to a vector that allows to bypass 2FA checks.

    Affected Installs

    Joomla! CMS versions: 4.0.0 - 4.4.12, 5.0.0 - 5.2.5

    Solution

    Upgrade to version 4.4.13 or 5.2.6

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:  Undisclosed Reporter

  • [20250301] - Core - Malicious file uploads via Media Manager

    • Project: Joomla!
    • SubProject: CMS
    • Impact: Critical
    • Severity: Low
    • Probability: Low
    • Versions:4.0.0-4.4.11, 5.0.0-5.2.4
    • Exploit type: Malicious file upload
    • Reported Date: 2025-02-25
    • Fixed Date: 2025-03-10
    • CVE Number: CVE-2025-22213

    Description

    Inadequate checks in the Media Manager allowed users with "edit" privileges to create executable PHP files.

    Affected Installs

    Joomla! CMS versions 4.0.0-4.4.11, 5.0.0-5.2.4

    Solution

    Upgrade to version 4.4.12 or 5.2.5

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:  ErPaciocco