The cybergang behind the ongoing WordPress malvertising campaign is now targeting Joomla sites.

Joomla! recently patched two cross-site scripting vulnerabilities that, if left unrepaired, could give a malicious actor higher permissions, possibly allowing the targeted site to be taken over.

Fortinet said it had reported the issues to Joomla! earlier this year and the content management system provider patched them last week. The issues were CVE-2017-7985 and CVE-2017-7986 for Joomla! versions 1.5.0 through 3.6.5.

The issue was caused by Joomla being unable to sanitize dangerous code such as "javascript:alert()" and "background:url()" when the attacker used a tool such as Burp Suite to simply sidestep Joomla's built-in defense.
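Burp Suite is an intercepting proxy, so a request can be edited after it leaves the browser; filtering therefore has to be applied on the server to the markup actually received. As an added illustration (not Joomla's or Fortinet's code; `audit`, the attribute list and the sample strings are assumptions constructed for this example), a Python check for the two patterns named above:

```python
import html
import re
from html.parser import HTMLParser

# Attributes whose value is treated as a URL (assumed list for this example).
URL_ATTRS = {"href", "src", "action", "formaction", "poster", "background"}
BAD_SCHEMES = ("javascript:", "vbscript:", "data:")
# CSS that can load or run content; escapes and comments are refused outright.
BAD_CSS = re.compile(r"url\(|expression\(|@import|javascript:|\\|/\*")

def normalize(value):
    """Decode entities, drop whitespace/control characters, lowercase."""
    decoded = html.unescape(value or "")
    return re.sub(r"[\x00-\x20\x7f]+", "", decoded).lower()

class AttributeAuditor(HTMLParser):
    """Collects (tag, attribute, reason) for every risky attribute seen."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases names and hands over values already unquoted.
        for name, value in attrs:
            flat = normalize(value)
            if name.startswith("on"):
                self.findings.append((tag, name, "event handler"))
            elif name in URL_ATTRS and flat.startswith(BAD_SCHEMES):
                self.findings.append((tag, name, "script URL scheme"))
            elif name == "style" and BAD_CSS.search(flat):
                self.findings.append((tag, name, "active CSS"))

def audit(markup):
    """Return findings for submitted markup; an empty list means accept."""
    auditor = AttributeAuditor()
    auditor.feed(markup)
    auditor.close()
    return auditor.findings

if __name__ == "__main__":
    # Constructed sample submissions, as received by the server.
    for sample in ('<a href="javascript:alert()">x</a>',
                   '<div style="background:url()">x</div>',
                   '<a href="https://example.org/">ok</a>'):
        print(sample, "->", audit(sample))
```

A deny-list like this is a detection aid; for stored content, an allow-list of permitted tags, attributes and URL schemes applied at save time and output encoding at render time remain the primary controls.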

Fortinet encouraged Joomla! users, of which there are 78 million worldwide, to immediately update their software.