A vulnerability was discovered in one of the famous content management system specifically on the Featured Articles menu parameters. CVE-2020-10243 has been assigned to this vulnerability affecting a wide range of joomla versions. It was reported last March 9, 2020 and can be exploited using SQL Injection attack. Joomla rated it as High impact and low severity.

Affected Versions :
Joomla version 1.7.0 to 3.9.15.

At risk:
– Website of small, medium and large government entities
– Website of Small, medium and large businesses

CERT-PH recommend the following actions be taken:

  • Do basic server security audit to ensure a clean and non-compromised environment
  • Backup current version of Joomla in production host server
  • Download patches & fixes from official Joomla site and apply patch in development server then test.
  • Apply appropriate patches & fixes provided by Joomla to production server.