Business

News

 
More...

Alerts

 
More...

Events

 
More...
 
     
 

Joomla 3.4.5 released, addresses critical SQL injection vulnerability

 

Systems Affected


Joomla 3.2.0 through 3.4.4

Threat Level


High


Overview


The Thursday release of Joomla 3.4.5 addresses a critical SQL injection vulnerability impacting multiple versions of the popular content management system (CMS), as well as two other bugs deemed moderate in severity.


Description


The SQL injection vulnerability affects websites running Joomla 3.2.0 through 3.4.4 and is the result of inadequate filtering of request data, an advisory said, crediting Asaf Orpani of Trustwave and Netanel Rubin of PerimeterX with identifying the issue.


Impact



Solution/ Workarounds


Apply appropriate updates https://www.joomla.org/announcements/release-news/5634-joomla-3-4-5-released.html


References


SC Magazine
http://www.scmagazine.com/joomla-345-released-addresses-critical-sql-injection-vulnerability/article/449164/


Disclaimer


The information provided herein is on "as is" basis, without warranty of any kind.


 
     

© Copyright Sri Lanka CERT|CC. All Rights Reserved.