WISSENSWERT

Websites sind eine jederzeit leicht verfügbare Quelle an Information für Interessenten. Nutzen Sie
Es spielt eben doch eine Rolle, ob Ihr Unternehmen auch im Internet vertreten ist oder nicht!
40%-55% aller Internetsurfer sind heute mit mobilen Endgeräten im Netz.
Websites - Kein Medium sonst, bietet ein derart breites Spektrum an Kommunikations­kanälen
Minimalism is more than leaving stuff out, in fact ... minimalism is a state of mind.
Das Internet ist dynamisches Wissen. Es gilt : Existenz durch Informationspräsenz.
Joomla! - CMS für einfache Webseiten bis zu komplexen E-Commerce oder Social Marketing Sites für M
Sich Informationen aus dem Netz zu beschaffen ist gewöhnliche Alltagshandlung ... Stehen Sie berei
Websites sind schlichtweg essenzieller und integraler Bestandteil moderner Kommunikation ...

Joomla! Developer News

  1. Joomla! 6.1 Beta 3 - Help make it stable!

    Joomla 6.1 Beta 3

    The Joomla! Project is pleased to announce the availability of Joomla 6.1 Beta 3 for testing.

  2. A New, Sustainable Workflow for Managing Feature Requests in Joomla

    The Joomla project is introducing a redesigned workflow for handling feature requests - an approach aimed at making the process more transparent, more predictable, and easier to manage for both maintainers and the wider community. This new system is currently in a trial phase, and community feedback will play a key role in refining it further.

  3. Joomla! 6.1 Beta 2 - Bug squashing time!

    Joomla 6.1 Beta 2

    The Joomla! Project is pleased to announce the availability of Joomla 6.1 Beta 2 for testing.

  4. Joomla! 8 sprint - The Feature List

    Joomla has always evolved through its community. But sustainable progress requires more than good ideas — it requires clear direction and visible priorities.

    Over the past months, we have worked to provide exactly that. The strategy sprint created alignment. The product strategydefined our framework. Today, we are moving into execution by making the official feature list public.

  5. Joomla! 6.1 Beta 1 - Feature freeze, see what made it!

    Joomla 6.1 Beta 1

    The Joomla! Project is pleased to announce the availability of Joomla 6.1 Beta 1 for testing.

Joomla! Security Announcements

  • [20260301] - Core - ACL hardening in com_ajax
    31 March 2026
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Low
    • Severity: Low
    • Probability: Moderate
    • Versions: 3.0.0-5.4.3, 6.0.0-6.0.3
    • Exploit type: Incorrect Access Control
    • Reported Date: 2026-03-11
    • Fixed Date: 2026-03-31
    • CVE Number: CVE-2026-21629

    Description

    The ajax component was excluded from the default logged-in-user check in the administrative area. This behavior was potentially unexpected by 3rd party developers.

    Affected Installs

    Joomla! CMS versions 3.0.0-5.4.3, 6.0.0-6.0.3

    Solution

    Upgrade to version 5.4.4 or 6.0.4

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:  JSST
  • [20260302] - Core - SQL injection in com_content articles webservice endpoint
    31 March 2026
    • Project: Joomla!
    • SubProject: CMS
    • Impact: High
    • Severity: Low
    • Probability: Moderate
    • Versions:4.0.0-5.4.3, 6.0.0-6.0.3
    • Exploit type: SQLi
    • Reported Date: 2026-03-05
    • Fixed Date: 2026-03-31
    • CVE Number: CVE-2026-21630

    Description

    Improperly built order clauses lead to a SQL injection vulnerability in the articles webservice endpoint.

    Affected Installs

    Joomla! CMS versions 4.0.0-5.4.3, 6.0.0-6.0.3

    Solution

    Upgrade to version 5.4.4 or 6.0.4

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:  Antonio Morales from GitHub Security Lab Taskflow Agent / vnth4nhnt from CyStack
  • [20260303] - Core - XSS vector in com_associations comparison view
    31 March 2026
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Moderate
    • Severity: Moderate
    • Probability: Low
    • Versions:4.0.0-5.4.3, 6.0.0-6.0.3
    • Exploit type: XSS
    • Reported Date: 2026-03-11
    • Fixed Date: 2026-03-31
    • CVE Number: CVE-2026-21631

    Description

    Lack of output escaping leads to a XSS vector in the multilingual associations component

    Affected Installs

    Joomla! CMS versions 4.0.0-5.4.3, 6.0.0-6.0.3

    Solution

    Upgrade to version 5.4.4 or 6.0.4

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:  Shirsendu Mondal & Md Tanzimul Alam Fahim, UNC Pembroke
  • [20260304] - Core - XSS vectors in various article title outputs
    31 March 2026
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Moderate
    • Severity: Moderate
    • Probability: Low
    • Versions:4.0.0-5.4.3, 6.0.0-6.0.3
    • Exploit type: XSS
    • Reported Date: 2026-03-10
    • Fixed Date: 2026-03-31
    • CVE Number: CVE-2026-21632

    Description

    Lack of output escaping for article titles leads to XSS vectors in various locations.

    Affected Installs

    Joomla! CMS versions 4.0.0-5.4.3, 6.0.0-6.0.3

    Solution

    Upgrade to version 5.4.4 or 6.0.4

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:  peter vanderhulst