|
Systems Affected
Joomla 3.2.0 through 3.4.4
Threat Level
Overview
The Thursday release of Joomla 3.4.5 addresses a critical SQL injection vulnerability impacting multiple versions of the popular content management system (CMS), as well as two other bugs deemed moderate in severity.
Description
The SQL injection vulnerability affects websites running Joomla 3.2.0 through 3.4.4 and is the result of inadequate filtering of request data, an advisory said, crediting Asaf Orpani of Trustwave and Netanel Rubin of PerimeterX with identifying the issue.
Impact
Solution/ Workarounds
Apply appropriate updates https://www.joomla.org/announcements/release-news/5634-joomla-3-4-5-released.html
References
SC Magazine
http://www.scmagazine.com/joomla-345-released-addresses-critical-sql-injection-vulnerability/article/449164/
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
|
