If your website is based on the popular Joomla content management system, make sure you have updated your platform to the latest version released today.
Joomla, the world's second popular open source Content Management System, has reportedly patched a critical vulnerability in its software’s core component.
Website administrators are strongly advised to immediately install latest Joomla version 3.7.1, released today, to patch a critical SQL Injection vulnerability (CVE-2017-8917) that affects Joomla version 3.7.0.
“Inadequate filtering of request data leads to a SQL Injection vulnerability.” release note says.
The SQL Injection vulnerability in Joomla 3.7.0 was responsibly reported by Marc-Alexandre Montpas, a security researcher at Sucuri last week to the company.
The Joomla Security Strike Team (JSST) has not provided any technical details right now, considering the gravity of the reported SQL Injection vulnerability, which could put millions of websites at risk of getting hacked, and eventually users visiting those sites.
However, It's easy to exploit SQL Injection vulnerability, which could allow remote hackers to steal sensitive information from the database and gain unauthorized access to websites.
Since hackers would not take much time to find out ways to exploit this partially disclosed vulnerability, you are advised to download the latest version of Joomla for your website and inform others about the release of critical patch update as well.
ReplyDeletegood blog.
CISCO Video Conferencing
Aruba Wireless Access Points