Core Joomla! Vulnerability Patched in Version 3.4.5 Security Release

Brandon

33 1 minute read

Core Joomla! Vulnerability Patched in Version 3.4.5 Security Release

joomla-vulnerability

A few days ago, a critical vulnerability in the Joomla! core was found. It comes from an unsanitized input in the Joomla! core, which makes an SQL injection possible. The result of such an attack can lead to totally compromised websites – stolen login details, hijacking website access, malicious file uploads, etc. It’s a serious threat, without a doubt, and one that applies to all Joomla! 3.2 versions and above.

Server-level protection with custom WAF rules

As always, when facing a vulnerability, we tend to take immediate actions in-house. We wrote custom rules inside our Web Application Firewall (WAF) to prevent potential exploits in our Joomla sites at the server level. We have shared our firewall rules with the Joomla! Security Team, in case they could be of help to other hosts or developers that want to protect their websites.

Autoupdate our Joomla! sites to the new and secure version 3.4.5

No matter how many server level fences we put up, it’s always best to have the vulnerability patched and all holes closed. That is why, today, after Joomla! released the official patch for the vulnerability with version 3.4.5, we will update all Joomlas that have enabled Auto Updates to the new and secure version.

If you have disabled the Joomla autoupdate feature from your SiteGround cPanel, please make sure you update your Joomla as soon as possible on your own.

Core Joomla! Vulnerability Patched in Version 3.4.5 Security Release

Core Joomla! Vulnerability Patched in Version 3.4.5 Security Release

Server-level protection with custom WAF rules

Autoupdate our Joomla! sites to the new and secure version 3.4.5

Brandon

Piping Email with PHP and SiteGround

Web Design Tips For Small Businesses – Build a Website Your Customers Will Love

Brian says…. or what did we learn from Mr. Teeman – one of the Joomla founders

The new “World” WordPress theme

‘’View This Email in Your Browser’’- What Is It & Why to Use It

SiteGround takes Manhattan – BlogWorld and WordCamp NYC Recap

Navigate Your Website to Success: Your To-Do List for Stronger Security

Navigate Your Website to Success: Speed Improvement To-Do List

How to Create an Email Marketing Strategy

MySQL 8: Successful upgrade of millions of databases, and unmatched customer experience

Create Stunning Emails Fast with Our Free Email Templates (+ More Updates)

New: Premium Backup for Ultimate Peace of Mind

Core Joomla! Vulnerability Patched in Version 3.4.5 Security Release

Server-level protection with custom WAF rules

Autoupdate our Joomla! sites to the new and secure version 3.4.5

Brandon

Related Articles

Stop the Stop Online Piracy Act

HTTP/2 Now Available on all shared/cloud servers at SiteGround

SiteGround web hosting now offers goMobi service for its customers

PHP 8.2 Becomes the Default PHP Version on All SiteGround Servers

Piping Email with PHP and SiteGround

Web Design Tips For Small Businesses – Build a Website Your Customers Will Love

Brian says…. or what did we learn from Mr. Teeman – one of the Joomla founders

The new “World” WordPress theme

‘’View This Email in Your Browser’’- What Is It & Why to Use It

SiteGround takes Manhattan – BlogWorld and WordCamp NYC Recap

Navigate Your Website to Success: Your To-Do List for Stronger Security

Navigate Your Website to Success: Speed Improvement To-Do List

How to Create an Email Marketing Strategy

MySQL 8: Successful upgrade of millions of databases, and unmatched customer experience

Create Stunning Emails Fast with Our Free Email Templates (+ More Updates)

New: Premium Backup for Ultimate Peace of Mind