Joomla has patched a dangerous flaw in its content management system that bypassed upload restrictions and was used in website hacks and phishing attacks.
Israeli security outfit Versafe discovered the flaw after noticing a uptick in malware distribution attacks originating from compromised Joomla websites.
"The series of attacks exploiting this vulnerability were particularly aggressive and widespread -- involved in over 50 percent of the attacks targeting our clients and others in EMEA (Europe, the Middle East and Africa) -- and ultimately successful in infecting a great many unsuspecting visitors to genuine websites," Chief executive Eyal Gruner said in a statement.
Attackers with access to a Joomla media manager on affected systems could upload and run arbitrary code by appending a period to file names.
The fix affected the media manager in versions prior to 3.1.5 and 2.5.14 due to "inadequate filtering [leading] to the ability to bypass file type upload restrictions".
Joomla said it was urgent for users to apply the patch.
.png&h=140&w=231&c=1&s=0)
.png&w=120&c=1&s=0)
EDUtech AU
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
