Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Joomla! 3.0.0 - 3.9.26 Multiple Vulnerabilities

Information

Severity

Severity

Medium

Family

Family

Web application abuses

CVSSv2 Base

CVSSv2 Base

4.9

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:M/Au:S/C:P/I:P/A:N

Solution Type

Solution Type

Vendor Patch

Created

Created

2 years ago

Modified

Modified

2 years ago

Summary

Joomla! is prone to multiple vulnerabilities.

Insight

Insight

The following vulnerabilities exist: - CVE-2021-26032: HTML is missing in the executable block list of MediaHelper::canUpload, leading to XSS attack vectors - CVE-2021-26033: A missing token check causes a CSRF vulnerability in the AJAX reordering endpoint - CVE-2021-26034: A missing token check causes a CSRF vulnerability in data download endpoints in com_banners and com_sysinfo

Affected Software

Affected Software

Joomla! version 3.0.0 through 3.9.26.

Detection Method

Detection Method

Checks if a vulnerable version is present on the target host.

Solution

Solution

Update to version 3.9.27 or later.

Common Vulnerabilities and Exposures (CVE)