Joomla, the world's second popular open source Content Management System, has reportedly patched a critical vulnerability in its software’s core component.
Website administrators are strongly advised to immediately install latest Joomla version 3.7.1, released today, to patch a critical SQL Injection vulnerability (CVE-2017-8917) that affects Joomla version 3.7.0.
The SQL Injection vulnerability in Joomla 3.7.0 was responsibly reported by Marc-Alexandre Montpas, a security researcher at Sucuri last week to the company.
The Joomla Security Strike Team (JSST) has not provided any technical details right now, considering the gravity of the reported SQL Injection vulnerability, which could put millions of websites at risk of getting hacked, and eventually users visiting those sites.
“Inadequate filtering of request data leads to a SQL Injection vulnerability.” release note says.
The SQL Injection vulnerability in Joomla 3.7.0 was responsibly reported by Marc-Alexandre Montpas, a security researcher at Sucuri last week to the company.
The Joomla Security Strike Team (JSST) has not provided any technical details right now, considering the gravity of the reported SQL Injection vulnerability, which could put millions of websites at risk of getting hacked, and eventually users visiting those sites.
Since hackers would not take much time to find out ways to exploit this partially disclosed vulnerability, you are advised to download the latest version of Joomla for your website and inform others about the release of critical patch update as well.
Tags:
Internet Security
