An anonymous reader writes: Joomla has just issued a patch that fixes a SQL-injection vulnerability discovered by a researcher at Trustwave SpiderLabs. The flaw allowed malicious users to extract a browser cookie assigned to a site's administrator, giving them access to restricted parts of the server. The flaw first appeared in Joomla 3.2, released in November, 2013. An estimated 2.8 million websites rely on Joomla. The Joomla team and the researcher who found the flaw recommend an immediate update to version 3.4.5.
#NetNeutrality is STILL in danger - Click here to help. DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Check out the new SourceForge HTML5 Internet speed test. ×