Multiple XSS flaws in Joomla can lead to remote code execution

2 months ago AndyC

Multiple XSS flaws in Joomla can lead to remote code execution

Pierluigi Paganini
February 22, 2024

Joomla maintainers have addressed multiple vulnerabilities in the popular content management system (CMS) that can lead to execute arbitrary code.

Multiple XSS flaws in Joomla can lead to remote code execution

Multiple XSS flaws in Joomla can lead to remote code execution

Pierluigi Paganini
February 22, 2024

Joomla maintainers have addressed multiple vulnerabilities in the popular content management system (CMS) that can lead to execute arbitrary code.

The maintainers of the Joomla! Project released Joomla 5.0.3 and 4.4.3 versions that addressed the following vulnerabilities in the popular content management system (CMS):

  • [20240201] –CVE-2024-21722 Core – Insufficient session expiration in MFA management views: The MFA management features did not properly terminate existing user sessions when a user’s MFA methods have been modified
  • [20240202] – CVE-2024-21723 Core – Open redirect in installation application: Inadequate parsing of URLs could result into an open redirect.
  • [20240203] – CVE-2024-21724 Core – XSS in media selection fields: Inadequate input validation for media selection fields lead to XSS vulnerabilities in various extensions.
  • [20240204] – CVE-2024-21725 Core – XSS in mail address outputs: Inadequate escaping of mail addresses lead to XSS vulnerabilities in various components.
  • [20240205] – CVE-2024-21726 Core – Inadequate content filtering within the filter code: Inadequate content filtering leads to XSS vulnerabilities in various components. 

The impact of these flaws can be widespread because roughly 2% of all websites use Joomla, millions of websites worldwide use this CMS.

“The widespread usage of Joomla and the fact that most deployments are publicly accessible makes it a valuable target for threat actors. Just recently, Joomla was targeted in an attack against different organizations via an improper access control vulnerability (CVE-2023-23752).” reported cybersecurity firm Sonarsource which discovered an issue that led to the XSS vulnerabilities in the popular Content Management System.

The researchers pointed out that an attacker can exploit these issues to gain remote code execution by tricking an administrator into clicking on a malicious link.

“While we won’t be disclosing technical details at this time, we want to emphasize the importance of prompt action to mitigate this risk. We strongly advise all Joomla users to update to the latest version. The first release known to address the vulnerability is Joomla version 5.0.3/4.4.3.” states Sonarsource which did not disclose technical details about the issues to avoid massive exploitation in the wild.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Joomla)

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , , , , , , , , , ,

More Stories

Brokewell supports an extensive set of Device Takeover capabilities

Brokewell supports an extensive set of Device Takeover capabilities

1 hour ago AndyC

Friday Squid Blogging: Searching for the Colossal Squid

13 hours ago AndyC
Experts warn of malware campaign targeting WP-Automatic plugin

Experts warn of malware campaign targeting WP-Automatic plugin

19 hours ago AndyC
Cryptocurrencies and cybercrime: A critical intermingling

Cryptocurrencies and cybercrime: A critical intermingling

1 day ago AndyC
Kaiser Permanente data breach may have impacted 13.4 million patients

Kaiser Permanente data breach may have impacted 13.4 million patients

1 day ago AndyC
+1,400 CrushFTP servers vulnerable to CVE-2024-4040

+1,400 CrushFTP servers vulnerable to CVE-2024-4040

1 day ago AndyC

You may have missed

Brokewell supports an extensive set of Device Takeover capabilities

Brokewell supports an extensive set of Device Takeover capabilities

1 hour ago AndyC
Ukraine Targeted in Cyberattack Exploiting 7-Year-Old Microsoft Office Flaw

Ukraine Targeted in Cyberattack Exploiting 7-Year-Old Microsoft Office Flaw

1 hour ago AndyC
Bogus npm Packages Used to Trick Software Developers into Installing Malware

Bogus npm Packages Used to Trick Software Developers into Installing Malware

7 hours ago AndyC

Friday Squid Blogging: Searching for the Colossal Squid

13 hours ago AndyC
Showcasing Artwork by Max for Autism Awareness Month

Showcasing Artwork by Max for Autism Awareness Month

13 hours ago AndyC

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.