Joomla Security Announcement

15 Apr 2019

  • Project: Joomla!
  • SubProject: CMS
  • Impact: Low
  • Severity: Moderate
  • Versions: 3.0.0 through 3.9.4
  • Exploit type: XSS
  • Reported Date: 2019-March-25
  • Fixed Date: 2019-April-09
  • CVE Number: TBA


The $.extend method of JQuery is vulnerable to Object.prototype pollution attacks.

Affected Installs

Joomla! CMS versions 3.0.0 through 3.9.4


Upgrade to version 3.9.5

 Not sure how to update Joomla? If you need help, you can post in our forums or contact us to perform updates. 

*This post originally appeared here.

Powered by WHMCompleteSolution