Network Security, Patch/Configuration Management, Vulnerability Management

Joomla flaw allows attacker to change passwords and seize sites

Joomla patched a vulnerability (CVE-2016-9838) which, if exploited, could allow an attacker to reset login credentials and take over sites.

The bug affects all Joomla CMS versions released over the past five years, 1.6.0 through 3.6.4. According to the security advisory, it was the result of the incorrect use of unfiltered data stored to the session on a form validation failure, which allows existing user accounts to be modified.

The vulnerability is categorized as “high severity”, and users are instructed to upgrade to version 3.6.5; otherwise, sites could be seized and used as part of SEO spam or DDoS botnets, researchers at Bleeping Computer warned.

Researchers warned that it is highly likely that attackers will weaponize the flaw and attempt to hijack as many sites as possible before admins have a chance to update them.
