Open source content management system (CMS) Joomla has issued a warning about a security vulnerability that could allow attackers to take over website domains. The issue is related to the LDAP authentication plugin.
Joomla rates the bug “medium” in severity, but other security experts say it is more severe and “could allow remote attackers to leak the super user password with blind injection techniques and to fully take over any Joomla <= 3.7.5 installation within seconds.”
To patch the flaw, website owners who use Joomla need to upgrade to the latest version of the CMS, version 3.8.