Joomla! JCE arbitrary file upload

Description

JCE is a very popular content editor for Joomla! sites. A vulnerability has been reported in JCE 2.0 and JCE 1.5 that allows a logged-in user who has access to JCE (i.e. they can create or edit articles) and to any of the Image Manager, Image Manager Extended, File Manager, Media Manager or Template Manager plugins to view and manipulate files and folders outside of the folder assigned to these plugins.

JCE 2.0.11 and JCE 1.5.7.14 add additional security checks to fix the vulnerability. Additional checks have also been added to some functions in the Image Manager Extended and Template Manager plugins.
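The flaw described above comes down to a missing containment check: a logged-in user hands the plugin a path, and the plugin reads or writes it without confirming that the resolved location is still inside the folder assigned to that plugin. The Python example below is added here to show what such a check looks like and why a plain path join is not enough; it is not JCE's code (JCE is written in PHP) and makes no claim about how the 2.0.11 / 1.5.7.14 fix is actually implemented. The function names `naive_resolve`, `safe_resolve` and `run_demo`, the temporary base folder and every request string are constructed for the illustration.

```python
import os
import tempfile
from typing import Dict, Optional


def naive_resolve(base_dir: str, user_path: str) -> str:
    """Weak pattern (constructed illustration): join the client-supplied path
    onto the folder assigned to the plugin and trust the result. A path with
    '..' segments normalises to a location outside base_dir."""
    return os.path.normpath(os.path.join(base_dir, user_path))


def safe_resolve(base_dir: str, user_path: str) -> Optional[str]:
    """Containment check: resolve user_path inside base_dir and return the
    canonical absolute path, or None if the request would leave base_dir."""
    if "\x00" in user_path:                      # an embedded NUL can truncate paths in C-backed APIs
        return None
    normalised = user_path.replace("\\", "/")    # treat backslashes as separators as well
    if os.path.isabs(normalised):                # an absolute path is never a folder-relative request
        return None
    base = os.path.realpath(base_dir)            # canonical base, symlinks resolved
    target = os.path.realpath(os.path.join(base, normalised))
    # Both paths are absolute and canonical; target lies inside base exactly
    # when their common prefix (compared as whole path components) is base.
    if os.path.commonpath([base, target]) != base:
        return None
    return target


def run_demo() -> Dict[str, bool]:
    """Run both resolvers against constructed requests and report which ones
    the containment check accepts (True) or rejects (False)."""
    base = tempfile.mkdtemp(prefix="jce_images_")   # stands in for the plugin's assigned folder
    requests = [                                    # constructed sample requests, not taken from the advisory
        "photo.jpg",
        "gallery/2012/photo.jpg",
        "gallery/../photo.jpg",                     # '..' that stays inside the folder is fine
        "../configuration.php",
        "gallery/../../configuration.php",
        "..\\configuration.php",
        "/etc/passwd",
        "photo.jpg\x00.txt",
    ]
    results = {req: safe_resolve(base, req) is not None for req in requests}
    # Show why the naive join is insufficient: it points above the base folder.
    escaped = naive_resolve(base, "../configuration.php")
    results["naive_escapes_base"] = not escaped.startswith(os.path.realpath(base) + os.sep)
    return results


if __name__ == "__main__":
    for name, accepted in run_demo().items():
        print(f"{'ACCEPT' if accepted else 'REJECT':6} {name!r}")
```

The check compares canonical paths rather than the raw string, so `..` segments, backslashes and symlinks in the base folder are all handled the same way; anything that does not resolve to a descendant of the assigned folder is refused before the file system is touched.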

Remediation

Upgrade JCE to the latest version.

Tags
  • Arbitrary File Creation
  • Code Execution