Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
2 résultats taggé Joomla  ✕
Joomla: PHP Bug Introduces Multiple XSS Vulnerabilities https://www.sonarsource.com/blog/joomla-multiple-xss-vulnerabilities/
27/02/2024 18:42:43
QRCode
archive.org
thumbnail
  • Sonar’s Vulnerability Research Team has discovered an issue that led to multiple XSS vulnerabilities in the popular Content Management System Joomla.
  • The issue discovered with the help of SonarCloud affects Joomla’s core filter component and is tracked as CVE-2024-21726.
  • Attackers can leverage the issue to gain remote code execution by tricking an administrator into clicking on a malicious link.
  • The underlying PHP bug is an inconsistency in how PHP’s mbstring functions handle invalid multibyte sequences.
  • The bug was fixed with PHP versions 8.3 and 8.4, but not backported to older PHP versions.
    • Joomla released a security announcement and published version 5.0.3/4.4.3, which mitigates the vulnerability.
sonarsource EN 2024 Joomla PHP Bug CVE-2024-21726
Multiple XSS flaws in Joomla can lead to remote code execution https://securityaffairs.com/159487/security/joomla-xss-flaws.html
22/02/2024 16:55:14
QRCode
archive.org
thumbnail

Joomla maintainers have addressed multiple flaws in the popular content management system (CMS) that can lead to execute arbitrary code

securityaffairs EN 2024 XSS Joomla CMS vulnerabilities CVE-2024-21722 CVE-2024-21723
4835 links
Shaarli - Le gestionnaire de marque-pages personnel, minimaliste, et sans base de données par la communauté Shaarli - Theme by kalvn