=====================================================================
CERT-Renater Note d'Information No. 2025/VULN222
_____________________________________________________________________

DATE : 09/04/2025

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Joomla! CMS versions prior to 4.4.13, 5.2.6; Joomla! Framework (Database package) versions prior to 2.2.0, 3.4.0.
=====================================================================

https://developer.joomla.org/security-centre/964-20250402-core-mfa-authentication-bypass.html
https://developer.joomla.org/security-centre/963-20250401-framework-sql-injection-vulnerability-in-quotenamestr-method-of-database-package.html

_____________________________________________________________________

Security Announcements

[20250402] - Core - MFA Authentication Bypass

Project: Joomla!
SubProject: CMS
Impact: High
Severity: Moderate
Probability: Moderate
Versions: 4.0.0 - 4.4.12, 5.0.0 - 5.2.5
Exploit type: Authentication Bypass
Reported Date: 2025-03-20
Fixed Date: 2025-04-08
CVE Number: CVE-2025-25227

Description
Insufficient state checks lead to a vector that allows 2FA checks to be bypassed.

Affected Installs
Joomla! CMS versions: 1.0.0-2.1.1, 3.0.0-3.3.1

Solution
Upgrade to version 4.4.13 or 5.2.6

Contact
The JSST at the Joomla! Security Centre.

_____________________________________________________________________

Security Announcements

[20250401] - Framework - SQL injection vulnerability in quoteNameStr method of Database package

Project: Joomla!
SubProject: Framework
Impact: High
Severity: Low
Probability: Low
Versions: 1.0.0-2.1.1, 3.0.0-3.3.1
Exploit type: SQL Injection
Reported Date: 2025-03-17
Fixed Date: 2025-04-02
CVE Number: CVE-2025-25226

Description
Improper handling of identifiers leads to a SQL injection vulnerability in the quoteNameStr method of the database package.
Affected Installs
Database Package version: 1.0.0-2.1.1, 3.0.0-3.3.1

Please note: the affected method is a protected method. It is not used anywhere in the original packages of either the 2.x or the 3.x branch, so the vulnerability cannot be exploited when using the original database class. However, classes extending the affected class might be affected if they call the vulnerable method.

Solution
Upgrade to version 2.2.0 or 3.4.0

Contact
The JSST at the Joomla! Security Centre.

Reported By: Nicholas K. Dionysopoulos, akeeba.com

=========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44          +
+ 23/25 Rue Daviel      | fax : 01-53-94-20-41          +
+ 75013 Paris           | email:cert@support.renater.fr +
=========================================================
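The two advisories above give inclusive version ranges, and the second one adds the caveat that CVE-2025-25226 only matters when code of your own extends the database class and calls the protected quoteNameStr method. The following script is an added example written for this note, not code from CERT-Renater or the Joomla! project: it takes the installed CMS and Database package versions, reports which of the two CVEs apply according to the ranges stated in the "Versions" fields, and scans a set of PHP sources for calls to quoteNameStr so an operator can tell whether the "extending class" caveat affects their site. The sample PHP sources at the bottom are constructed for the demonstration; the file names are placeholders, and an operator would feed in their own extension or template sources (for example everything under plugins/ and libraries/ that is not shipped by Joomla!).

```python
"""Check an installed Joomla! site against the two CERT-Renater advisories.

Added example; version ranges are copied from the advisory text. The PHP
sample sources below are constructed for the demonstration.
"""
import re
from typing import Dict, List, Tuple

# Inclusive affected ranges, exactly as stated in the "Versions" fields.
AFFECTED = {
    "CVE-2025-25227": {  # Core - MFA Authentication Bypass (CMS)
        "component": "cms",
        "ranges": [("4.0.0", "4.4.12"), ("5.0.0", "5.2.5")],
        "fixed": ["4.4.13", "5.2.6"],
    },
    "CVE-2025-25226": {  # Framework - SQL injection in quoteNameStr (Database package)
        "component": "database",
        "ranges": [("1.0.0", "2.1.1"), ("3.0.0", "3.3.1")],
        "fixed": ["2.2.0", "3.4.0"],
    },
}


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '5.2.5' (or '5.2.5-rc1') into a comparable tuple of ints."""
    core = version.split("-")[0]  # drop pre-release suffixes before comparing
    return tuple(int(part) for part in core.split("."))


def in_range(version: str, low: str, high: str) -> bool:
    """True if low <= version <= high, comparing numerically per component."""
    return parse_version(low) <= parse_version(version) <= parse_version(high)


def applicable_cves(cms_version: str, database_version: str) -> List[str]:
    """Return the CVE identifiers from the advisory that cover the installed versions."""
    installed = {"cms": cms_version, "database": database_version}
    hits = []
    for cve, info in AFFECTED.items():
        installed_version = installed[info["component"]]
        if any(in_range(installed_version, low, high) for low, high in info["ranges"]):
            hits.append(cve)
    return hits


# A call to the protected method from a subclass looks like $this->quoteNameStr(...)
# or parent::quoteNameStr(...); the bare method name followed by '(' catches both.
QUOTE_NAME_STR_CALL = re.compile(r"\bquoteNameStr\s*\(")


def find_quote_name_str_callers(php_sources: Dict[str, str]) -> List[str]:
    """Return the names of PHP sources that call quoteNameStr().

    Only such callers are exposed to CVE-2025-25226, per the advisory note
    that the original database class never uses the method itself.
    """
    return [name for name, source in php_sources.items() if QUOTE_NAME_STR_CALL.search(source)]


# Constructed sample sources (placeholder file names, not real Joomla! files).
SAMPLE_SOURCES = {
    "plugins/example/CustomDriver.php": (
        "<?php\nclass CustomDriver extends DatabaseDriver {\n"
        "  public function qn(array $parts) { return $this->quoteNameStr($parts); }\n}\n"
    ),
    "plugins/example/SafeHelper.php": (
        "<?php\nclass SafeHelper {\n"
        "  public function column($db) { return $db->quoteName('col'); }\n}\n"
    ),
}


if __name__ == "__main__":
    # Example site: CMS already patched, Database package still in the affected range.
    print("Applicable CVEs:", applicable_cves("5.2.6", "3.3.1"))
    print("Sources calling quoteNameStr:", find_quote_name_str_callers(SAMPLE_SOURCES))
```

An install is only exposed to CVE-2025-25226 when both checks fire: the Database package version is inside an affected range and at least one of the site's own classes calls quoteNameStr. CVE-2025-25227 depends on the CMS version alone, and the fix for both is the upgrade listed under "Solution".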