Category Archives: cms

Insecure Updates in Joomla Earlier Than 3.6

By | October 9, 2017

In early April I reported safety issues with the replace course of to the safety contact of Joomla. Whereas the problem has been fastened in Joomla 3.6, the communication course of was removed from ideal. The subject itself is fairly easy: Up till lately Joomla fetched details about its updates over unencrypted and unauthenticated HTTP… Read More »