THREATOPS
THREAT OPSThreat News › CISA warns of actively exploited RCE flaws in Joomla extensions

CISA warns of actively exploited RCE flaws in Joomla extensions

lowbleepingcomputerPublished 2026-07-13

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that attackers are exploiting vulnerabilities in the iCagenda and Balbooa Forms extensions for Joomla to achieve remote code execution through arbitrary file uploads. [...]

MITRE ATT&CK techniques

Original source: https://www.bleepingcomputer.com/news/security/cisa-warns-of-actively-exploited-rce-flaws-in-joomla-extensions/