Hackinbox Community,
We bring to your attention a critical security advisory that demands immediate action. The Joomla open source content management system (CMS) is currently exposed to multiple cross-site scripting (XSS) vulnerabilities, opening the gateway to potential remote code execution (RCE). This revelation, marked by the identifier CVE-2024-21726, stems from improper content filtering in a core function, creating multiple avenues for exploitation.
The Vulnerability Research Team at Sonar recently unearthed this fundamental flaw within Joomla’s core filter component. Despite being labeled as “moderate” by Joomla’s advisory, this vulnerability poses a substantial threat, as it allows attackers to exploit XSS bugs, injecting malicious scripts into benign websites. These scripts can then compromise visitor information, execute malicious redirects, or introduce malware to unsuspecting users.
The implications of this vulnerability are vast, given that Joomla powers approximately 2% of all websites, with a significant number of deployments being publicly accessible. This widespread usage makes Joomla an attractive target for cyber attackers. The exploit can be triggered by luring an administrator into clicking on a malicious link.
To address this critical issue, Joomla has released patches in versions 5.0.3 and 4.4.3, both of which were released today. Immediate action is strongly advised – users are urged to update their Joomla installations promptly to fortify their defenses against potential attacks. Delaying the update could expose your website to malicious activities that exploit this vulnerability.
Stay vigilant, stay secure. Your commitment to promptly updating Joomla ensures a safer digital environment for you and your users.
[CyberSafe@Hackinbox ~]#