Joomla! Kunena Vulnerability Fixed on all SiteGround Servers

blog

Critical vulnerability in the famous Kunena forum component for Joomla! were announced three days ago and a new version of the component that addresses the issue was released. According to the official Kunena blog post all extension that are not updated to the latest version are vulnerable and the attackers may use XSS and SQL injection to gain full access to a Joomla! site.

Immediately after the Kunena team tweeted about the issue SiteGround security team took rapid actions to protect all customers hosted on our servers. I have personally contacted the developers of the component and we worked together to write special rules for our web application firewall that will filter out all malicious requests that try to take advantage of this exploit.

Even though we protected all of our customers, no matter which version of Kunena they use, we still advise all users to upgrade their Kunena component to the latest stable version 3.0.6 in which the issue is fixed.

Daniel Kanchev

Product and Technology Lead

Daniel is responsible for bringing new products to life at SiteGround. This involves handling all types of tasks and communication across multiple teams. Enthusiastic about technology, user experience, security and performance, you can never be bored hanging around him. Also an occasional conference speaker and travel addict.

Start discussion

Related Posts