Due to the Joomla vulnerability reported on Thursday, the developer team has come up with the update, which is more, a security patch addressing the critical SQL injection vulnerability affecting several versions of Joomla CMS. The new version provides security fixes that were left in the earlier version. It is been suggested to upgrade the site to avail the latest security patches for making the CMS solution highly authentic.
The new Joomla CMS version released is believed to have discovered two bugs in the com_contenthistory and com_content files along with the SQL vulnerability. Joomla websites running on the versions ranging from 3.2.0 to 3.4.4 are expected to have suffered severely.
The details of the SQL injection issue is noted under CVE-2015-7297, CVE-2015-7857, CVE-2015-7858. The vulnerabilities or the flaws allowed the users to command the websites backend (database) with special text entered in the search boxes on the webpage. Such flaws make the CMS website insecure. It encourages hackers to conquer the confidential files from the affected server.
The discovered bug uncovers a session ID that contains the browser cookie assigned to the administrator. These cookies can easily be extracted by the hackers to distort the website performance.
Improve your website security by upgrading your Joomla CMS to this latest version.