Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
Joomla: PHP Bug Introduces Multiple XSS Vulnerabilities https://www.sonarsource.com/blog/joomla-multiple-xss-vulnerabilities/
27/02/2024 18:42:43
QRCode
archive.org
thumbnail
  • Sonar’s Vulnerability Research Team has discovered an issue that led to multiple XSS vulnerabilities in the popular Content Management System Joomla.
  • The issue discovered with the help of SonarCloud affects Joomla’s core filter component and is tracked as CVE-2024-21726.
  • Attackers can leverage the issue to gain remote code execution by tricking an administrator into clicking on a malicious link.
  • The underlying PHP bug is an inconsistency in how PHP’s mbstring functions handle invalid multibyte sequences.
  • The bug was fixed with PHP versions 8.3 and 8.4, but not backported to older PHP versions.
    • Joomla released a security announcement and published version 5.0.3/4.4.3, which mitigates the vulnerability.
sonarsource EN 2024 Joomla PHP Bug CVE-2024-21726
4470 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio