Impact: Low
Severity: Low
Versions: 3.0.0 - 3.9.25
Exploit type: XSS
Reported Date: 2021-03-09
Fixed Date: 2021-04-13
CVE Number: CVE-2021-26030Inadequate escaping allowed XSS attacks using the logo parameter of the default templates on error pages.
Joomla! CMS versions 3.0.0 - 3.9.25
Upgrade to version 3.9.26
Impact: Low
Severity: Low
CVE Number: CVE-2021-26031
Versions: 3.0.0 - 3.9.25
Exploit type: LFI
Reported Date: 2021-01-03
Fixed Date: 2021-04-13
Inadequate filters on module layout settings could lead to an LFI.
Joomla! CMS versions 3.0.0 - 3.9.25
Upgrade to version 3.9.26
Joomla 3.9.21 is now available. This is a security release for the 3.x series of Joomla which addresses 3 security vulnerabilities and contains over 20 bug fixes and improvements.
Joomla 3.9.21 includes 3 security vulnerability fixes and addresses several bugs, including:
Joomla team has announced several bug fixes today on July 14, 2020.
Project: Joomla!
SubProject: CMS
Impact: Low
Severity: Low
Versions: 3.0.0-3.9.19
Exploit type: Information Disclosure
Reported Date: 2020-Jun-17
Fixed Date: 2020-July-14
CVE Number: CVE-2020-15698Inadequate filtering in the system information screen could expose redis or proxy credentials