#JUGL meetings are held on the 3rd Tuesday of each month

NEXT MEETING:

News 

Find Joomla! and Joomla! London related news here.  We show the latest security updates, Joomla! announcements, information about past and upcoming meetings, and anything else we think might be relevant.

The idea of a new Joomla! podcast was raised during Joomla! Day UK 2017 by an attendee who was keen to be its creator.  I really would like to see this as there have been some great ones in the past.  If you want to see this too, then feedback via Github so he is encouraged to make it happen.  https://github.com/joomla/joomla-marketing/issues/109.  Here's a link to some of the other podcasts that either still run or have run in the past.

joomla london email logoOur next meeting is on the 16th of August, that's 15 days away, just over two weeks. Register to attend (for free) and come down and learn more about Joomla! and surrounding topics. Last meeting had an excellent talk from Gary Barclay (Barclay.Works) regarding Google Tag Manager. We also had some great information from George Wilson (in charge of Joomla! releases) relating to Joomla! 3.6 as well as some feedback from the rest of the room.

Joomla haJoomla has been around for a little over 10 years.  in that time much of the code base has benefited from extensive development, to get it to the current version 3.5.  Some parts however, have seen very little change, the router is one such area of code, now that's about to be overhauled....completely!s been around for a little over 10 years.  in that time much of the code base has benefited from extensive development, to get it to the current version 3.5.  Some parts however, have seen very little change, the router is one such area of code, now that's about to be overhauled....completely!

Joomla! Security

13/4/21
Severity severity
Impact severity
Inadequate filters on module layout settings could lead to an LFI.
13/4/21
Severity severity
Impact severity
Inadequate escaping allowed XSS attacks using the logo parameter of the default templates on error pages.
2/3/21
Severity severity
Impact severity
Missing input validation within the template manager.
2/3/21
Severity severity
Impact severity
Usage of the insecure rand() function within the process of generating the 2FA secret.Usage of an insufficient length for the 2FA secret accoring to RFC 4226 of 10 bytes vs 20 bytes.

Selected Joomla! Videos