Gravityscan Blog

Updates on website security and what's going on in our universe.

Check Your Site Now for 3 New Joomla Vulnerabilities

This entry was posted in Joomla on Jul 6, 2017 by mark

On July 4, less than 48 hours ago, Joomla released version 3.7.3, which is an important security update. The release includes fixes for three vulnerabilities: two cross site scripting (XSS) vulnerabilities and an information disclosure vulnerability. If you have not yet updated your Joomla website to Joomla 3.7.3, we recommend you do so now.

These vulnerability discoveries come on the heels of a recent major Joomla security update, which was released just a few weeks ago. We previously covered that release at the time, emphasizing the critical importance of updating your site’s software the instant an update becomes available. As soon as hackers become aware of a widespread vulnerability, they can start to attack sites with it. However, unlike May’s release, Joomla did not announce this update in advance.

We’ve already updated Gravityscan to include detection for these new vulnerabilities. We recommend you visit https://www.gravityscan.com/ and run a scan on all of your Joomla websites to make sure they’re secure. Gravityscan will run a comprehensive scan on your site and alert you to any security problems you may have.

Below we include some additional detail on each of the vulnerabilities that were fixed with release 3.7.3:

CVE-2017-9933

This vulnerability allows an attacker to exploit a flaw in the way Joomla handles access control to the cache. The attacker can use this flaw to view sensitive information from forms on the target system. Joomla versions 1.7.3 and higher are affected.

CVE-2017-9934

This is a reflected cross site scripting vulnerability. Joomla prior to version 3.7.3 does not properly filter HTML code and validate CSRF (cross site request forgery) tokens from user-supplied input before displaying the input. This allows a remote attacker to execute malicious JavaScript in the context of a target user’s browser. By doing this, an attacker can perform a variety of malicious actions with the privileges of the target user. Joomla 1.7.3 and higher are affected.

CVE-2017-7985

Joomla versions 1.5.0 to 3.6.5 do not securely filter multibyte characters in HTML code from user input before displaying that input. This allows an attacker to execute malicious JavaScript in the context of a target user’s web browser.

This is also a reflected cross site scripting vulnerability. By executing malicious JavaScript in the context of a target user’s browser, the attacker can perform a variety of malicious actions, including stealing session cookies and performing actions on the target site that only the victim user would ordinarily be allowed to perform. The Joomla 3.7.3 release also fixes this vulnerability.
