Joomla Security Notice :: June 3, 2020

[Jason]

Joomla has emailed a security announcement.  If you use Joomla for your site, please check your version and upgrade accordingly.

The announcement is available on their site here:

https://developer.joomla.org/security-centre.html

Joomla! Security News
________________________________________
•   [20200605] - Core - CSRF in com_postinstall
•   [20200604] - Core - XSS in jQuery.htmlPrefilter
•   [20200603] - Core - XSS in com_modules tag options
•   [20200602] - Core - Inconsistent default textfilter settings
•   [20200601] - Core - XSS in modules heading tag option
[20200605] - Core - CSRF in com_postinstall
Posted: 02 Jun 2020 06:00 AM PDT
> Project: Joomla!
> SubProject: CMS
> Impact: Low
> Severity: Low
> Versions: 3.7.0-3.9.18
> Exploit type: XSS
> Reported Date: 2020-May-08
> Fixed Date: 2020-June-02
> CVE Number: CVE-2020-13760
Description
Missing token checks in com_postinstall cause CSRF vulnerabilities.
Affected Installs
Joomla! CMS versions 3.7.0 - 3.9.18
Solution
Upgrade to version 3.9.19
Contact
The JSST at the Joomla! Security Centre.
Reported By: Khoa Bùi Đức Anh
 
 

[20200604] - Core - XSS in jQuery.htmlPrefilter
Posted: 02 Jun 2020 06:00 AM PDT
> Project: Joomla!
> SubProject: CMS
> Impact: Low
> Severity: Moderate
> Versions: 3.0.0-3.9.18
> Exploit type: XSS
> Reported Date: 2020-April-10
> Fixed Date: 2020-June-02
> CVE Number: CVE-2020-11022 and CVE-2020-11023
Description
The jQuery project released version 3.5.0, and as part of that, disclosed two security vulnerabilities that affect all prior versions. As mentioned in the jQuery blog, both are "[...] security issues in jQuery's DOM manipulation methods, as in .html(), .append(), and the others."
The Drupal project has backported the relevant fixes back to jQuery 1.x and Joomla has adopted that patch.
Affected Installs
Joomla! CMS versions 3.0.0 - 3.9.18
Solution
Upgrade to version 3.9.19
Contact
The JSST at the Joomla! Security Centre.
Reported By: David Jardin, JSST
 
 

[20200603] - Core - XSS in com_modules tag options
Posted: 02 Jun 2020 06:00 AM PDT
> Project: Joomla!
> SubProject: CMS
> Impact: Moderate
> Severity: Low
> Versions: 3.0.0-3.9.18
> Exploit type: XSS
> Reported Date: 2020-May-06
> Fixed Date: 2020-June-02
> CVE Number: CVE-2020-13762
Description
Incorrect input validation of the module tag option in com_modules allow XSS attacks.
Affected Installs
Joomla! CMS versions 3.0.0 - 3.9.18
Solution
Upgrade to version 3.9.19
Contact
The JSST at the Joomla! Security Centre.
Reported By: Khoa Bùi Đức Anh
 
 

[20200602] - Core - Inconsistent default textfilter settings
Posted: 02 Jun 2020 06:00 AM PDT
> Project: Joomla!
> SubProject: CMS
> Impact: Low
> Severity: Low
> Versions: 2.5.0-3.9.18
> Exploit type: Insecure Permissions
> Reported Date: 2020-April-23
> Fixed Date: 2020-June-02
> CVE Number: CVE-2020-13763
Description
The default settings of the global "textfilter" configuration doesn't block HTML inputs for 'Guest' users. With 3.9.19, the textfilter for new installations has been set to 'No HTML' for the groups 'Public', 'Guest' and 'Registered'.
Affected Installs
Joomla! CMS versions 2.5.0 - 3.9.18
Solution
Upgrade to version 3.9.19
Contact
The JSST at the Joomla! Security Centre.
Reported By: Brian Teeman
 
 

[20200601] - Core - XSS in modules heading tag option
Posted: 02 Jun 2020 06:00 AM PDT
> Project: Joomla!
> SubProject: CMS
> Impact: Moderate
> Severity: Low
> Versions: 3.0.0-3.9.18
> Exploit type: XSS
> Reported Date: 2020-May-06
> Fixed Date: 2020-June-02
> CVE Number: CVE-2020-13761
Description
Lack of input validation in the heading tag option of the "Articles – Newsflash" and "Articles - Categories" modules allow XSS attacks.
Affected Installs
Joomla! CMS versions 3.0.0 - 3.9.18
Solution
Upgrade to version 3.9.19
Contact
The JSST at the Joomla! Security Centre.
Reported By: Khoa Bùi Đức Anh