Joomla 3.8.4 remenda vulnerabilidades de injeção XSS e SQL

O Joomla lançou a versão 3.8.4, que aborda muitos problemas de segurança, incluindo uma falha de injeção de SQL e três falhas de cross-site scripting (XSS).

As vulnerabilidades de injeção de XSS e SQL foram classificadas como “low priority”.

Pode ler-se no comunicado da nova release:

“Joomla 3.8.4 is now available. This is a security release for the 3.x series of Joomla addressing four security vulnerabilities and including over 100 bug fixes and improvements.”

O problema mais grave é a vulnerabilidade de injeção SQL identificada como CVE-2018-6376, devido ao seu alto impacto.

Esta vulnerabilidade afeta as versões do Joomla: 3.7.0 até à 3.8.3.

Esta vulnerabilidade foi reportada por um especialista de segurança, Karim Ouerghemmi, da RIPS Technologies, e pode ler-se no comunicado:

“Recent updates to our analysis engine lead to the discovery of a new vulnerability in the Joomla! core affecting versions prior to 3.8.4. RIPS discovered a second-order SQL injection that could be used by attackers to leverage lower permissions and to escalate them into full admin permissions.”

Os especialistas explicaram que a falha pode ser explorada para obter privilégios de administração e instalação no Joomla.

An attacker exploiting this vulnerability can read arbitrary data from the database. This data can be used to further extend the permissions of the attacker. By gaining full administrative privileges she can take over the Joomla! installation by executing arbitrary PHP code.”

Dica: Avalie e proceda à atualização do seu CMS o quanto antes!

Pedro Tavares

Pedro Tavares is a professional in the field of information security working as an Ethical Hacker/Pentester, Malware Researcher and also a Security Evangelist. He is also a founding member at CSIRT.UBI and Editor-in-Chief of the security computer blog seguranca-informatica.pt.

In recent years he has invested in the field of information security, exploring and analyzing a wide range of topics, such as pentesting (Kali Linux), malware, exploitation, hacking, IoT and security in Active Directory networks. He is also Freelance Writer (Infosec. Resources Institute and Cyber Defense Magazine) and developer of the 0xSI_f33d – a feed that compiles phishing and malware campaigns targeting Portuguese citizens.