Joomla brings patch for critical vulnerability




The CMS Joomla is vulnerable to remote code execution. Users of versions 1.5 to 3.4.5 is recommended to perform an update. It is already used by attackers vulnerability.

Joomla! fpa The vulnerability in the popular content management software was noticed by security firm Sucuri. Sites that use the software can be used by an attacker to send traffic to any sites to create or malicious code to execute. The open source project behind Joomla leak poem in version 3.4.6, this is via an update.

The vulnerability, which is considered by Sucuri as zero day, uses object injection via the HTTP user agent. The browser takes advantage of to pass information to the web server that can display those appropriate content based on the software of the user. The browser to suit accompanying information, an attacker could execute code on the vulnerable Joomla sites.

According to Sucuri are currently already implemented on a large scale attacks. Given the large number of Joomla sites is attractive for attackers to use vulnerability as wide as possible.


In: A Technology & Gadgets Asked By: [23633 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »