WISSENSWERT

Minimalism is more than leaving stuff out, in fact ... minimalism is a state of mind.
Websites sind eine jederzeit leicht verfügbare Quelle an Information für Interessenten. Nutzen Sie
Es spielt eben doch eine Rolle, ob Ihr Unternehmen auch im Internet vertreten ist oder nicht!
Sich Informationen aus dem Netz zu beschaffen ist gewöhnliche Alltagshandlung ... Stehen Sie berei
Websites sind schlichtweg essenzieller und integraler Bestandteil moderner Kommunikation ...
Das Internet ist dynamisches Wissen. Es gilt : Existenz durch Informationspräsenz.
Websites - Kein Medium sonst, bietet ein derart breites Spektrum an Kommunikations­kanälen
Joomla! - CMS für einfache Webseiten bis zu komplexen E-Commerce oder Social Marketing Sites für M
40%-55% aller Internetsurfer sind heute mit mobilen Endgeräten im Netz.

Joomla! Developer News

  1. Joomla 5.3 Alpha 3

    The Joomla! Project is pleased to announce the availability of Joomla 5.3 Alpha 3 for testing.

  2. Joomla 5.3 Alpha 2

    The Joomla! Project is pleased to announce the availability of Joomla 5.3 Alpha 2 for testing.

  3. Joomla 5.3 Alpha 1

    The Joomla! Project is pleased to announce the availability of the firstJoomla 5.3 Alpha for testing.

  4. Joomla 5.2 is here!

    Let’s celebrate!  The Joomla project is thrilled to announce the release of Joomla 5.2 along with Joomla 4.4.9. This new minor version of Joomla 5.2 brings exciting improvements, making it easier for everyone – from developers to content creators – to build and manage their websites.

  5. Joomla 5.2.0 Beta 3

    The Joomla Project is pleased to announce the availability of the Joomla 5.2 Beta 3 for testing.

Joomla! Security Announcements

  • [20250103] - Core - Read ACL violation in multiple core views
    07. Januar 2025
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Low
    • Severity: Moderate
    • Probability: Low
    • Versions:3.9.0-3.10.19-elts, 4.0.0-4.4.9, 5.0.0-5.2.2
    • Exploit type: ACL Violation
    • Reported Date: 2024-08-26
    • Fixed Date: 2025-01-07
    • CVE Number: CVE-2024-40749

    Description

    Improper Access Controls allows access to protected views.

    Affected Installs

    Joomla! CMS versions 3.9.0-3.10.19-elts, 4.0.0-4.4.9, 5.0.0-5.2.2

    Solution

    Upgrade to version 3.10.20-elts, 4.4.10 or 5.2.3

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:  Dominik Ziegelmüller
  • [20250201] - Core - SQL injection vulnerability in Scheduled Tasks component
    07. Januar 2025
    • Project: Joomla!
    • SubProject: CMS
    • Impact: High
    • Severity: Low
    • Probability: Low
    • Versions:4.1.0-4.4.10, 5.0.0-5.2.3
    • Exploit type: SQL Injection
    • Reported Date: 2024-12-10
    • Fixed Date: 2025-02-18
    • CVE Number: CVE-2025-22207

    Description

    Improperly built order clauses lead to a SQL injection vulnerability in the backend task list of com_scheduler

    Affected Installs

    Joomla! CMS versions 4.0.0-4.4.10, 5.1.0-5.2.3

    Solution

    Upgrade to version 4.4.11 or 5.2.4

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:  Calum Hutton, snyk.io
  • [20250102] - Core - XSS vector in the id attribute of menu lists
    07. Januar 2025
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Low
    • Severity: Moderate
    • Probability: Low
    • Versions:3.0.0-3.10.19-elts, 4.0.0-4.4.9, 5.0.0-5.2.2
    • Exploit type: XSS
    • Reported Date: 2024-09-19
    • Fixed Date: 2025-01-07
    • CVE Number: CVE-2024-40748

    Description

    Lack of output escaping in the id attribute of menu lists.

    Affected Installs

    Joomla! CMS versions 3.0.0-3.10.19-elts, 4.0.0-4.4.9, 5.0.0-5.2.2

    Solution

    Upgrade to version 3.10.20-elts, 4.4.10 or 5.2.3

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:  Lokesh Dachepalli
  • [20250101] - Core - XSS vectors in module chromes
    07. Januar 2025
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Low
    • Severity: Moderate
    • Probability: Low
    • Versions:4.0.0-4.4.9, 5.0.0-5.2.2
    • Exploit type: XSS
    • Reported Date: 2024-08-29
    • Fixed Date: 2025-01-07
    • CVE Number: CVE-2024-40747

    Description

    Various module chromes didn't properly process inputs, leading to XSS vectors.

    Affected Installs

    Joomla! CMS versions 4.0.0-4.4.9, 5.0.0-5.2.2

    Solution

    Upgrade to version 4.4.10 or 5.2.3

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:  Catalin Iovita