WISSENSWERT

40%-55% aller Internetsurfer sind heute mit mobilen Endgeräten im Netz.
Websites - Kein Medium sonst, bietet ein derart breites Spektrum an Kommunikations­kanälen
Sich Informationen aus dem Netz zu beschaffen ist gewöhnliche Alltagshandlung ... Stehen Sie berei
Websites sind schlichtweg essenzieller und integraler Bestandteil moderner Kommunikation ...
Minimalism is more than leaving stuff out, in fact ... minimalism is a state of mind.
Websites sind eine jederzeit leicht verfügbare Quelle an Information für Interessenten. Nutzen Sie
Joomla! - CMS für einfache Webseiten bis zu komplexen E-Commerce oder Social Marketing Sites für M
Das Internet ist dynamisches Wissen. Es gilt : Existenz durch Informationspräsenz.
Es spielt eben doch eine Rolle, ob Ihr Unternehmen auch im Internet vertreten ist oder nicht!

Joomla! Developer News

  1. Joomla 5.3 Alpha 2

    The Joomla! Project is pleased to announce the availability of Joomla 5.3 Alpha 2 for testing.

  2. Joomla 5.3 Alpha 1

    The Joomla! Project is pleased to announce the availability of the firstJoomla 5.3 Alpha for testing.

  3. Joomla 5.2 is here!

    Let’s celebrate!  The Joomla project is thrilled to announce the release of Joomla 5.2 along with Joomla 4.4.9. This new minor version of Joomla 5.2 brings exciting improvements, making it easier for everyone – from developers to content creators – to build and manage their websites.

  4. Joomla 5.2.0 Beta 3

    The Joomla Project is pleased to announce the availability of the Joomla 5.2 Beta 3 for testing.

  5. Joomla 5.2.0 Beta 2

    The Joomla Project is pleased to announce the availability of the Joomla 5.2 Beta 2 for testing.

Joomla! Security Announcements

  • [20250103] - Core - Read ACL violation in multiple core views
    07 January 2025
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Low
    • Severity: Moderate
    • Probability: Low
    • Versions:3.9.0-3.10.19-elts, 4.0.0-4.4.9, 5.0.0-5.2.2
    • Exploit type: ACL Violation
    • Reported Date: 2024-08-26
    • Fixed Date: 2025-01-07
    • CVE Number: CVE-2024-40749

    Description

    Improper Access Controls allows access to protected views.

    Affected Installs

    Joomla! CMS versions 3.9.0-3.10.19-elts, 4.0.0-4.4.9, 5.0.0-5.2.2

    Solution

    Upgrade to version 3.10.20-elts, 4.4.10 or 5.2.3

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:  Dominik Ziegelmüller
  • [20250102] - Core - XSS vector in the id attribute of menu lists
    07 January 2025
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Low
    • Severity: Moderate
    • Probability: Low
    • Versions:3.0.0-3.10.19-elts, 4.0.0-4.4.9, 5.0.0-5.2.2
    • Exploit type: XSS
    • Reported Date: 2024-09-19
    • Fixed Date: 2025-01-07
    • CVE Number: CVE-2024-40748

    Description

    Lack of output escaping in the id attribute of menu lists.

    Affected Installs

    Joomla! CMS versions 3.0.0-3.10.19-elts, 4.0.0-4.4.9, 5.0.0-5.2.2

    Solution

    Upgrade to version 3.10.20-elts, 4.4.10 or 5.2.3

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:  Lokesh Dachepalli
  • [20250101] - Core - XSS vectors in module chromes
    07 January 2025
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Low
    • Severity: Moderate
    • Probability: Low
    • Versions:4.0.0-4.4.9, 5.0.0-5.2.2
    • Exploit type: XSS
    • Reported Date: 2024-08-29
    • Fixed Date: 2025-01-07
    • CVE Number: CVE-2024-40747

    Description

    Various module chromes didn't properly process inputs, leading to XSS vectors.

    Affected Installs

    Joomla! CMS versions 4.0.0-4.4.9, 5.0.0-5.2.2

    Solution

    Upgrade to version 4.4.10 or 5.2.3

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:  Catalin Iovita
  • [20240805] - Core - XSS vectors in Outputfilter::strip* methods
    20 August 2024
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Low
    • Severity: Moderate
    • Probability: Low
    • Versions:3.0.0-3.10.16-elts, 4.0.0-4.4.6, 5.0.0-5.1.2
    • Exploit type: XSS
    • Reported Date: 2024-07-22
    • Fixed Date: 2024-08-20
    • CVE Number: CVE-2024-40743

    Description

    The stripImages and stripIframes methods didn't properly process inputs, leading to XSS vectors.

    Affected Installs

    Joomla! CMS versions 3.0.0-3.10.16-elts, 4.0.0-4.4.6, 5.0.0-5.1.2

    Solution

    Upgrade to version 3.10.17-elts, 4.4.7 or 5.1.3

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:  Jesper den Boer