Official Joomla! Announcements
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 3.6.0 - 3.9.12
- Exploit type: Path Disclosure
- Reported Date: 2019-November-01
- Fixed Date: 2019-November-05
- CVE Number: CVE-2019-18674
Description
Missing access check in the phputf8 mapping files could lead to an path disclosure.
Affected Installs
Joomla! CMS versions 3.6.0 - 3.9.12
Solution
Upgrade to version 3.9.13
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: High
- Severity: Low
- Versions: 3.2.0-3.9.12
- Exploit type: CSRF
- Reported Date: 2019-October-10
- Fixed Date: 2019-November-05
- CVE Number: CVE-2019-18650
Description
A missing token check in com_template causes a CSRF vulnerability.
Affected Installs
Joomla! CMS versions 3.2.0 - 3.9.12
Solution
Upgrade to version 3.9.13
Contact
The JSST at the Joomla! Security Centre.
Define visitor’s geolocation by IP automatically and redirect them to a specific page. Based on IP identification the GEO Redirect plugin allows you send your visitors to specific landing pages, redirect them to different websites or just block them from accessing your site. With the use of the plugin, your foreign customers won’t have to choose the native language and currency manually, as they will be redirected to a proper page as soon as they open your website. Using the Easy Redirect you’ll manage to redirect visitors to specific URLs, switch currency, switch store view e.t.c.
With GEO Redirect, you can choose either to make a redirect between websites or only within one website. In case you have several websites you can manage your traffic in a few mouse clicks.
Read more http://feeds.joomla.org/~r/JoomlaExtensions/~3/Q1cFinETNnk/geo-redirect-for-joomla
Sixe Online Customer Service provides online communication and contact information for browsing customers. Built in a variety of commonly used communication channels, including: phone, email, QQ number, map, two-dimensional code and many other ways. Hexawing online customer service plug-in can be very convenient to increase the number of calls, online customer service plug-in has become an important tool for network marketing, but also to show the image of the enterprise website, strengthen the enterprise and visitors interaction essential tools.
Read more http://feeds.joomla.org/~r/JoomlaExtensions/~3/VAWKDF2mCS4/sixe-online-customer-service
Display search form with existing HikaShop categories. By using this module, users can search products on your HikaShop extension based shop filter by cagtegory.
FEATURES:
- Responsive design
- Display search form with existing HikaShop Categories.
- Customisable search form width, height and colors.
- Show search results based on your selected HikaShop menu item's configuration.
Read more http://feeds.joomla.org/~r/JoomlaExtensions/~3/hNP2gzCDBt8/rca-search-for-hikashop