🔴 Critical | Source: The Hacker News
Two Joomla extensions — iCagenda and Balbooa Forms — have been assigned maximum CVSS scores of 10.0 and confirmed as actively exploited zero-days, prompting CISA to add them to its Known Exploited Vulnerabilities catalogue. These flaws affect widely used Joomla plugins, meaning any organisation running affected versions faces immediate, critical risk. Zero-day status indicates attackers were exploiting these vulnerabilities before patches were available.
Security Architect’s Take: Audit all Joomla deployments in your estate immediately and identify any instances running iCagenda or Balbooa Forms extensions; apply vendor patches or remove the extensions without delay. If patching is not immediately possible, consider taking affected Joomla sites offline or placing them behind a WAF with virtual patching rules targeting these CVEs.
Original advisory: iCagenda and Balbooa Forms Joomla Flaws Reportedly Exploited as Zero-Days