1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Joomla patches critical remote execution bug

Discussion in 'CSO' started by RSS, Dec 15, 2015.

  1. RSS

    RSS New Member Member

    The open-source project behind the widely used Joomla content management system has issued a patch for a vulnerability that is now being widely used by hackers.

    Sucuri, a company that specializes in securing websites, wrote on Monday that attackers have been trying exploit the flaw for the last two days.

    As of Monday, Sucuri said "the wave of attacks is even bigger, with basically every site and honeypot we have being attacked. That means that probably every other Joomla site out there is being targeted as well."

    ALSO ON CSO: The Illustrated Guide to Security

    The vulnerability, which affects Joomla versions 1.5 to 3.4.5, involves the user agent string, which is information transmitted by a browser to a Web server when a user visits a Web page.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page