Several security bugs fixed on Joomla


The Joomla team announced several security fixes today, July 14, 2020.

Core - System Information screen could expose redis or proxy credentials

    Project: Joomla!
    SubProject: CMS
    Impact: Low
    Severity: Low
    Versions: 3.0.0-3.9.19
    Exploit type: Information Disclosure
    Reported Date: 2020-Jun-17
    Fixed Date: 2020-July-14
    CVE Number: CVE-2020-15698

Description

Inadequate filtering in the system information screen could expose redis or proxy credentials

Affected Installs

Joomla! CMS versions 3.0.0 - 3.9.19

Solution

Upgrade to version 3.9.20


Core - Escape mod_random_image link

    Project: Joomla!
    SubProject: CMS
    Impact: Low
    Severity: Low
    Versions: 3.0.0-3.9.19
    Exploit type: XSS
    Reported Date: 2020-Jun-08
    Fixed Date: 2020-July-14
    CVE Number: CVE-2020-15696

Description

Lack of input filtering and escaping allows XSS attacks in mod_random_image

Affected Installs

Joomla! CMS versions 3.0.0 - 3.9.19

Solution

Upgrade to version 3.9.20


Core - Variable tampering via user table class

    Project: Joomla!
    SubProject: CMS
    Impact: Low
    Severity: Low
    Versions: 3.0.0-3.9.19
    Exploit type: Incorrect Access Control
    Reported Date: 2020-Jun-02
    Fixed Date: 2020-July-14
    CVE Number: CVE-2020-15697

Description

Internal read-only fields in the User table class could be modified by users.

Affected Installs

Joomla! CMS versions 3.9.0 - 3.9.19

Solution

Upgrade to version 3.9.20
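The defect class behind CVE-2020-15697 is a bind routine that copies every user-supplied key into a table record, so fields the application treats as internal can be overwritten from a form post. The following Python example is added here and is not Joomla code: it contrasts an unfiltered bind with one that drops application-controlled fields before merging. The field names and the sample payload are constructed for illustration.

```python
"""Added example (not Joomla's own code): protecting read-only record fields
from mass assignment, the defect class described in CVE-2020-15697."""
from typing import Dict, List, Tuple

# Hypothetical set of fields that only the application may set. A payload
# coming from a user-facing form must never be allowed to overwrite them.
READ_ONLY_FIELDS = frozenset({"id", "registerDate", "lastvisitDate", "activation", "block"})


def bind_unsafe(record: Dict[str, object], payload: Dict[str, object]) -> Dict[str, object]:
    """The vulnerable pattern: every key in the payload lands in the record."""
    return {**record, **payload}


def bind_safe(
    record: Dict[str, object],
    payload: Dict[str, object],
    read_only=READ_ONLY_FIELDS,
) -> Tuple[Dict[str, object], List[str]]:
    """Hardened bind: read-only keys are stripped before merging.

    Returns the merged record and the sorted list of rejected keys so the
    caller can log a tampering attempt rather than silently ignoring it.
    """
    allowed = {k: v for k, v in payload.items() if k not in read_only}
    rejected = sorted(set(payload) - set(allowed))
    return {**record, **allowed}, rejected


# Constructed sample: a stored user row and a profile-edit payload that also
# smuggles in fields the user should not control.
STORED_USER = {"id": 42, "name": "alice", "block": 0, "activation": ""}
TAMPERED_PAYLOAD = {"name": "alice (edited)", "id": 1, "block": 0, "activation": "x"}


def demo() -> Tuple[Dict[str, object], Dict[str, object], List[str]]:
    """Run both binds over the constructed sample and return the results."""
    unsafe = bind_unsafe(STORED_USER, TAMPERED_PAYLOAD)
    safe, rejected = bind_safe(STORED_USER, TAMPERED_PAYLOAD)
    return unsafe, safe, rejected


if __name__ == "__main__":
    unsafe, safe, rejected = demo()
    print("unfiltered bind:", unsafe)
    print("filtered bind:  ", safe)
    print("rejected keys:  ", rejected)
```

The same idea applies whether the protected set is a denylist, as here, or an allowlist of editable fields; an allowlist is safer when new columns are added later, because a column is protected by default until someone explicitly opens it up.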


Core - CSRF in com_privacy remove-request feature

    Project: Joomla!
    SubProject: CMS
    Impact: Low
    Severity: Low
    Versions: 3.9.0-3.9.19
    Exploit type: CSRF
    Reported Date: 2020-May-07
    Fixed Date: 2020-July-14
    CVE Number: CVE-2020-15695

Description

A missing token check in the remove request section of com_privacy causes a CSRF vulnerability.

Affected Installs

Joomla! CMS versions 3.9.0 - 3.9.19

Solution

Upgrade to version 3.9.20


Core - Missing checks can lead to a broken usergroups table record

    Project: Joomla!
    SubProject: CMS
    Impact: Moderate
    Severity: Low
    Versions: 2.5.0-3.9.19
    Exploit type: Incorrect Access Control
    Reported Date: 2020-April-04
    Fixed Date: 2020-July-14
    CVE Number: CVE-2020-15699

Description

Missing validation checks in the usergroups table object can result in a broken site configuration.

Affected Installs

Joomla! CMS versions 2.5.0 - 3.9.19

Solution

Upgrade to version 3.9.20


Core - CSRF in com_installer ajax_install endpoint

    Project: Joomla!
    SubProject: CMS
    Impact: Low
    Severity: Low
    Versions: 3.7.0-3.9.19
    Exploit type: CSRF
    Reported Date: 2020-May-07
    Fixed Date: 2020-July-14
    CVE Number: CVE-2020-XXXXX

Description

A missing token check in the ajax_install endpoint of com_installer causes a CSRF vulnerability.

Affected Installs

Joomla! CMS versions 3.7.0 - 3.9.19

Solution

Upgrade to version 3.9.20
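Every advisory above lists an inclusive affected range and the same fixed release, so the practical first step for an administrator is to compare the installed version against those ranges. The following Python script is an added example, not Joomla's own tooling: it encodes the ranges from each advisory's "Affected Installs" line and compares versions numerically, because a plain string comparison would wrongly rank 3.9.19 below 3.9.2. The version strings passed in are constructed for illustration.

```python
"""Added example (not Joomla tooling): triage an installed Joomla! CMS version
against the affected ranges in the July 14, 2020 advisories."""
import re
from typing import List, Tuple

Version = Tuple[int, int, int]

# Inclusive ranges copied from each advisory's "Affected Installs" line.
# The last entry keeps the advisory's placeholder CVE identifier as printed.
ADVISORIES = [
    ("CVE-2020-15698", "System Information screen could expose redis or proxy credentials", "3.0.0", "3.9.19"),
    ("CVE-2020-15696", "Escape mod_random_image link (XSS)", "3.0.0", "3.9.19"),
    ("CVE-2020-15697", "Variable tampering via user table class", "3.9.0", "3.9.19"),
    ("CVE-2020-15695", "CSRF in com_privacy remove-request feature", "3.9.0", "3.9.19"),
    ("CVE-2020-15699", "Missing checks can lead to a broken usergroups table record", "2.5.0", "3.9.19"),
    ("CVE-2020-XXXXX", "CSRF in com_installer ajax_install endpoint", "3.7.0", "3.9.19"),
]
FIXED_IN = "3.9.20"


def parse_version(text: str) -> Version:
    """Turn 'MAJOR.MINOR[.PATCH][-suffix]' into a tuple of ints.

    Tuples compare element by element, so (3, 9, 19) > (3, 9, 2); a missing
    patch level counts as 0 and a suffix such as '-dev' is ignored.
    """
    m = re.match(r"^\s*(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))


def affected(installed: str) -> List[str]:
    """Return the CVE ids whose affected range contains the installed version."""
    v = parse_version(installed)
    return [cve for cve, _, lo, hi in ADVISORIES
            if parse_version(lo) <= v <= parse_version(hi)]


def needs_upgrade(installed: str) -> bool:
    """True when the installed version is older than the release carrying the fixes."""
    return parse_version(installed) < parse_version(FIXED_IN)


def report(installed: str) -> List[str]:
    """Human-readable triage lines for one installed version."""
    hits = affected(installed)
    lines = [f"Joomla! {installed}: {len(hits)} advisory(ies) apply"]
    for cve, title, lo, hi in ADVISORIES:
        if cve in hits:
            lines.append(f"  {cve}  {title}  (affected {lo} - {hi})")
    if needs_upgrade(installed):
        lines.append(f"  -> upgrade to {FIXED_IN}")
    return lines


if __name__ == "__main__":
    # Constructed sample versions, not values read from a real install.
    for sample in ("3.9.19", "3.6.5", "2.5.28", "3.9.20"):
        print("\n".join(report(sample)))
```

On a live install the version string can be read from the Joomla! System Information screen or from the version constants in the core library; the script deliberately takes it as an argument rather than guessing at file layout.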
