Medium
CVSS: 5.9
Lack of output escaping leads to an XSS vector in the pagebreak plugin.
Medium
CVSS: 5.9
Lack of input filtering leads to an XSS vector in the HTML filter code related to data URLs in img tags.
High
CVSS: 7.5
Insufficient state checks lead to a vector that allows bypassing 2FA checks.
Critical
CVSS: 9.8
Improper handling of identifiers leads to a SQL injection vulnerability in the quoteNameStr method of the database package. Please note: the affected method is a protected method. It has no usages in the original packages in neither the 2.x…
High
CVSS: 7.5
Improper access controls allow access to protected views.
High
CVSS: 7.5
Lack of output escaping in the id attribute of menu lists.
Medium
CVSS: 6.1
Various module chromes didn't properly process inputs, leading to XSS vectors.