=====================================================================

                            CERT-Renater

                Information Note No. 2026/VULN304
_____________________________________________________________________

DATE                : 16/03/2026

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Fabrik versions prior to 4.6.3.

=====================================================================
https://fabrikar.com/forums/index.php?threads/fabrik-4-6-3-security-update.55636/
_____________________________________________________________________


Fabrik 4.6.3 Security Release is available.

This is a security release; please update immediately via the Joomla
updater, or download it from https://fabrikar.com/fabrik-base-infos
and install it.


To summarize the threat:

An RCE vulnerability was detected (and published on Discord), affecting
all Fabrik versions since 2012.

Thankfully we were informed:
https://fabrikar.com/forums/index.php?threads/hacked-on-j3-and-j4-using-fabrik.55635/
The new security release Fabrik 4.6.3 (2026-02-25) fixes this
vulnerability; please update immediately.


How to find out if your site may be affected:

Check your access logs (possibly going back to mid-February).
Search for URLs related to Fabrik that contain [eval] or %5Beval%5D.

If you find any, your site was at least "tested" by the hackers.
If all of those URLs show 4xx return codes, it should be OK
(unsuccessful tests).

If not:
Search for all files added or modified up to the time of your Fabrik update.
Clean up, restore ... whatever is appropriate for your site.
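
Added example (not part of the Fabrik announcement or of this note): a
Python sketch of the access-log check described above. It assumes
common/combined-format access logs and treats any request whose decoded
URL mentions "fabrik" as Fabrik-related; the sample lines and the
parameter name "x" are constructed.

```python
import re
import sys
from urllib.parse import unquote

# Request line and status in common/combined log format (assumed).
REQ = re.compile(r'"[A-Z]+ (?P<target>\S+)[^"]*" (?P<status>\d{3})\b')

def classify(line):
    """Return None (no marker), 'probe' (4xx) or 'investigate' (other status)."""
    m = REQ.search(line)
    if not m:
        return None
    # One decoding pass turns %5Beval%5D (any hex case) into [eval].
    target = unquote(m.group("target")).lower()
    # Assumption: "related to Fabrik" means the URL mentions "fabrik".
    if "fabrik" not in target or "[eval]" not in target:
        return None
    return "probe" if m.group("status").startswith("4") else "investigate"

def scan(lines):
    """Map each verdict to the 1-based numbers of the matching log lines."""
    hits = {"probe": [], "investigate": []}
    for number, line in enumerate(lines, 1):
        verdict = classify(line)
        if verdict:
            hits[verdict].append(number)
    return hits

# Constructed sample lines (documentation IPs, placeholder parameter values).
SAMPLE = [
    '203.0.113.7 - - [18/Feb/2026:09:14:02 +0100] "GET /index.php?option=com_fabrik&x%5Beval%5D=PLACEHOLDER HTTP/1.1" 404 512 "-" "-"',
    '198.51.100.9 - - [19/Feb/2026:22:41:37 +0100] "GET /index.php?option=com_fabrik&x[eval]=PLACEHOLDER HTTP/1.1" 200 1834 "-" "-"',
    '192.0.2.44 - - [20/Feb/2026:08:03:11 +0100] "GET /index.php?option=com_fabrik&view=list HTTP/1.1" 200 9120 "-" "-"',
]

if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], errors="replace") as fh:
            result = scan(fh)
    else:
        result = scan(SAMPLE)
    print("4xx only (unsuccessful tests):", result["probe"])
    print("non-4xx, check for added/modified files:", result["investigate"])
```

Run it with the path to an access log as its only argument; without an
argument it scans the constructed sample.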


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================




