Joomla Security

by David Dwyer on 09/07/2015

Following up on our recent competency blog article about Joomla, here is an example of what a competent Web Developer is signed up to receive if they are managing Joomla websites.
 
Has your Joomla web developer been in touch to advise you, have they already dealt with it, or are they not even aware that the security update has been released?
 
  • Project: Joomla!
  • SubProject: CMS
  • Severity: Low
  • Versions: 3.2.0 through 3.4.1
  • Exploit type: CSRF Protection
  • Reported Date: 2015-April-06
  • Fixed Date: 2015-June-30
  • CVE Number: tbd

Description

Lack of CSRF checks potentially enabled uploading malicious code.

Affected Installs

Joomla! CMS versions 3.2.0 through 3.4.1

Solution

Upgrade to version 3.4.2
 
 
  • Project: Joomla!
  • SubProject: CMS
  • Severity: Low
  • Versions: 3.0.0 through 3.4.1
  • Exploit type: Open Redirect
  • Reported Date: 2015-June-01
  • Fixed Date: 2015-June-30
  • CVE Number: tbd

Description

Inadequate checking of the return value allowed redirecting to an external page.

Affected Installs

Joomla! CMS versions 3.0.0 through 3.4.1

Solution

Upgrade to version 3.4.2
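
The "inadequate checking of the return value" in the second advisory is the kind of gap a return-URL check closes. The following is an added example, not Joomla's code and not the 3.4.2 fix; the function `safe_return_url`, its parameters and the host `example.test` are hypothetical.

```php
<?php
// Added example, not Joomla's code. All names here are hypothetical.

/**
 * Validate an untrusted "return" value before redirecting to it.
 * Returns the value if it points at this site, otherwise $fallback.
 */
function safe_return_url(string $return, string $siteHost, string $fallback = '/'): string
{
    // Browsers and parse_url() disagree on backslashes, whitespace and
    // control characters, so refuse any value that contains them.
    if ($return === '' || preg_match('/[\\\\\x00-\x20\x7f]/', $return)) {
        return $fallback;
    }

    $parts = parse_url($return);
    if ($parts === false) {
        return $fallback;
    }

    // No scheme and no host: accept only a path rooted at a single slash.
    // ("//host/path" is parsed with a host, so it never reaches this branch.)
    if (!isset($parts['scheme']) && !isset($parts['host'])) {
        return ($return[0] === '/' && substr($return, 0, 2) !== '//') ? $return : $fallback;
    }

    // Absolute URL: http(s) only, exactly our host, no userinfo part.
    $scheme = strtolower($parts['scheme'] ?? '');
    $host   = strtolower($parts['host'] ?? '');
    if (in_array($scheme, ['http', 'https'], true)
        && $host === strtolower($siteHost)
        && !isset($parts['user'])) {
        return $return;
    }

    return $fallback;
}

// Constructed sample values; example.test stands in for the site's own host.
$samples = [
    '/index.php?option=com_users&view=profile',
    'https://example.test/administrator/',
    'https://evil.example/login',
    '//evil.example/login',
    '/\\evil.example/login',
    'https://example.test@evil.example/',
];
foreach ($samples as $s) {
    printf("%-45s -> %s\n", $s, safe_return_url($s, 'example.test'));
}
```

Only the first two samples point at the site itself; the others are replaced by the fallback path.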
 
 

David Dwyer is Managing Director of Inspire Web Development. He has years of experience in a range of web and IT roles plus seven years in sales and marketing in a blue-chip FMCG company. David’s academic and professional qualifications include a BA (Hons) in Business Economics (Personnel & Ergonomics) from the University of Paisley, an MSc in Information Technology (Systems) from Heriot-Watt University and PRINCE2 Practitioner-level certification. He is also an active member of the British Computer Society, Entrepreneurial Exchange and Business for Scotland.

 
