Joomla has patched a dangerous flaw in its content management system that bypassed upload restrictions and was used in website hacks and phishing attacks.
Israeli security outfit Versafe discovered the flaw after noticing a uptick in malware distribution attacks originating from compromised Joomla websites.
"The series of attacks exploiting this vulnerability were particularly aggressive and widespread -- involved in over 50 percent of the attacks targeting our clients and others in EMEA (Europe, the Middle East and Africa) -- and ultimately successful in infecting a great many unsuspecting visitors to genuine websites," Chief executive Eyal Gruner said in a statement.
Attackers with access to a Joomla media manager on affected systems could upload and run arbitrary code by appending a period to file names.
The fix affected the media manager in versions prior to 3.1.5 and 2.5.14 due to "inadequate filtering [leading] to the ability to bypass file type upload restrictions".
Joomla said it was urgent for users to apply the patch.
iTnews Executive Retreat - Data & AI Edition
.png&w=120&c=1&s=0)
iTnews Cloud Covered Breakfast Summit
iTnews State of Security Breakfast
The 2026 iAwards
.jpg&w=120&c=1&s=0)
Integrate 2026
_(1).jpg&h=140&w=231&c=1&s=0)
