WISSENSWERT

40%-55% aller Internetsurfer sind heute mit mobilen Endgeräten im Netz.
Joomla! - CMS für einfache Webseiten bis zu komplexen E-Commerce oder Social Marketing Sites für M
Sich Informationen aus dem Netz zu beschaffen ist gewöhnliche Alltagshandlung ... Stehen Sie berei
Es spielt eben doch eine Rolle, ob Ihr Unternehmen auch im Internet vertreten ist oder nicht!
Websites sind schlichtweg essenzieller und integraler Bestandteil moderner Kommunikation ...
Websites sind eine jederzeit leicht verfügbare Quelle an Information für Interessenten. Nutzen Sie
Websites - Kein Medium sonst, bietet ein derart breites Spektrum an Kommunikations­kanälen
Das Internet ist dynamisches Wissen. Es gilt : Existenz durch Informationspräsenz.
Minimalism is more than leaving stuff out, in fact ... minimalism is a state of mind.

Joomla! Developer News

  1. Joomla! 5.3.0 Beta 2 - Bug Squashing Time

    Joomla 5.3.0 Beta 2

    The Joomla Project is pleased to announce the availability of the Joomla 5.3 Beta 2 for testing and it's Bug Squashing Time!

  2. Joomla! 5.3.0 Beta 1 - Feature Freeze

    Joomla 5.3.0 Beta 1

    The Joomla Project is pleased to announce the availability of the Joomla 5.3 Beta 1 for testing.

  3. Your first glimpse at Joomla! 5.3.0 Alpha3

    Joomla 5.3 Alpha 3

    The Joomla! Project is pleased to announce the availability of Joomla 5.3 Alpha 3 for testing.

  4. Your first glimpse at Joomla! 5.3.0 Alpha2

    Joomla 5.3 Alpha 2

    The Joomla! Project is pleased to announce the availability of Joomla 5.3 Alpha 2 for testing.

  5. Your first glimpse at Joomla! 5.3.0 Alpha1

    Joomla 5.3 Alpha 1

    The Joomla! Project is pleased to announce the availability of the firstJoomla 5.3 Alpha for testing.

Joomla! Security Announcements

  • [20250301] - Core - Malicious file uploads via Media Manager
    11 March 2025
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Critical
    • Severity: Low
    • Probability: Low
    • Versions:4.0.0-4.4.11, 5.0.0-5.2.4
    • Exploit type: Malicious file upload
    • Reported Date: 2025-02-25
    • Fixed Date: 2025-03-10
    • CVE Number: CVE-2025-22213

    Description

    Inadequate checks in the Media Manager allowed users with "edit" privileges to create executable PHP files.

    Affected Installs

    Joomla! CMS versions 4.0.0-4.4.11, 5.0.0-5.2.4

    Solution

    Upgrade to version 4.4.12 or 5.2.5

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:  ErPaciocco
  • [20250103] - Core - Read ACL violation in multiple core views
    07 January 2025
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Low
    • Severity: Moderate
    • Probability: Low
    • Versions:3.9.0-3.10.19-elts, 4.0.0-4.4.9, 5.0.0-5.2.2
    • Exploit type: ACL Violation
    • Reported Date: 2024-08-26
    • Fixed Date: 2025-01-07
    • CVE Number: CVE-2024-40749

    Description

    Improper Access Controls allows access to protected views.

    Affected Installs

    Joomla! CMS versions 3.9.0-3.10.19-elts, 4.0.0-4.4.9, 5.0.0-5.2.2

    Solution

    Upgrade to version 3.10.20-elts, 4.4.10 or 5.2.3

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:  Dominik Ziegelmüller
  • [20250201] - Core - SQL injection vulnerability in Scheduled Tasks component
    07 January 2025
    • Project: Joomla!
    • SubProject: CMS
    • Impact: High
    • Severity: Low
    • Probability: Low
    • Versions:4.1.0-4.4.10, 5.0.0-5.2.3
    • Exploit type: SQL Injection
    • Reported Date: 2024-12-10
    • Fixed Date: 2025-02-18
    • CVE Number: CVE-2025-22207

    Description

    Improperly built order clauses lead to a SQL injection vulnerability in the backend task list of com_scheduler

    Affected Installs

    Joomla! CMS versions 4.1.0-4.4.10, 5.0.0-5.2.3

    Solution

    Upgrade to version 4.4.11 or 5.2.4

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:  Calum Hutton, snyk.io
  • [20250102] - Core - XSS vector in the id attribute of menu lists
    07 January 2025
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Low
    • Severity: Moderate
    • Probability: Low
    • Versions:3.0.0-3.10.19-elts, 4.0.0-4.4.9, 5.0.0-5.2.2
    • Exploit type: XSS
    • Reported Date: 2024-09-19
    • Fixed Date: 2025-01-07
    • CVE Number: CVE-2024-40748

    Description

    Lack of output escaping in the id attribute of menu lists.

    Affected Installs

    Joomla! CMS versions 3.0.0-3.10.19-elts, 4.0.0-4.4.9, 5.0.0-5.2.2

    Solution

    Upgrade to version 3.10.20-elts, 4.4.10 or 5.2.3

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:  Lokesh Dachepalli