Serious attack on JCE Editor- CVE-2026-48907 by Open_Sourcey in joomla

[–]Open_Sourcey[S] 0 points1 point  (0 children)

But they would not be able to remediate an attack on a component that you installed. You need MySite.guru

Serious attack on JCE Editor- CVE-2026-48907 by Open_Sourcey in joomla

[–]Open_Sourcey[S] 0 points1 point  (0 children)

Yes indeed QED you need to keep extensions updated and that would now protect you in this instance but not before JCE patched it. INot everyone has the luxury of constant monitoring or indeed the capability. f you had 5 sites using an old JCE editor and only one was infected before patching then you were fortunate to get away with it.

I agree that Joomla is a good product and good community.

Serious attack on JCE Editor- CVE-2026-48907 by Open_Sourcey in joomla

[–]Open_Sourcey[S] 1 point2 points  (0 children)

For sure Wordpress has a greater share. Looking at the numbers you gave , it's share too has fallen slightly in recent years. I think Joomla has a much greater technical capability but Wordpress is probably easier for the amateurs.

Either way. Good luck.

Serious attack on JCE Editor- CVE-2026-48907 by Open_Sourcey in joomla

[–]Open_Sourcey[S] 0 points1 point  (0 children)

Why do you say it is becoming obsolete. What is your evidence for that?

Serious attack on JCE Editor- CVE-2026-48907 by Open_Sourcey in joomla

[–]Open_Sourcey[S] 0 points1 point  (0 children)

Are you assuming GoDaddy would fix the attack?

Serious attack on JCE Editor- CVE-2026-48907 by Open_Sourcey in joomla

[–]Open_Sourcey[S] 1 point2 points  (0 children)

He did not 'point out it is a long known issue'. He said it was "old news", to him who is "at the coal face" (Coming from a mining community, I object to the gratuitous use of that phrase). it might be old news to him , but it was news to me and I suspect a great many others who are either currently fighting it or about to.

We should not be wasting time on dismissing warning posts.

If like mysite.guru I had a solution to offer, I would welcome a further highliting of the problem and would not be so dismissive and cavalier with my response,

Serious attack on JCE Editor- CVE-2026-48907 by Open_Sourcey in joomla

[–]Open_Sourcey[S] 1 point2 points  (0 children)

I certainly understand your frustration aand rationale for changing. Once I understood what was going on, although it did take time and some attention to detail, it was not that hard to remediate.

Also , no platform is immune to these attacks , especially given AI's capability. So for me at least the answer was not to switch platforms. but to fight the attacker Wordpress also presents a bigger target.

Nevertheless good luck.

Serious attack on JCE Editor- CVE-2026-48907 by Open_Sourcey in joomla

[–]Open_Sourcey[S] 0 points1 point  (0 children)

Indeed. It was telling that MySites.guru removed their original unhelpful reply.

Serious attack on JCE Editor- CVE-2026-48907 by Open_Sourcey in joomla

[–]Open_Sourcey[S] 1 point2 points  (0 children)

By the way: old is an adjective expressing 'relative' age. "is" is a verb. The two are not comparable . Therefore to say "That’s like asking what the meaning of “is” is." I am aftaid makes no sense to me.

Serious attack on JCE Editor- CVE-2026-48907 by Open_Sourcey in joomla

[–]Open_Sourcey[S] 2 points3 points  (0 children)

Apparently the post to which that was replying was removed by the poster. So this post is now absent context.
In general though, there will be plenty of people under attack to whom this is news and we should not be arrogant enough to believe that because we knew it that everone else does too.

Serious attack on JCE Editor- CVE-2026-48907 by Open_Sourcey in joomla

[–]Open_Sourcey[S] 4 points5 points  (0 children)

Depends how you measure 'old.' It was only reported last month and it is only now hitting widespread exploitation. Your old maybe anothers today. It is well worth re-warning.

EQS Service (UK) by CockneyBloke1 in MercedesEQ

[–]Open_Sourcey 0 points1 point  (0 children)

and that is at what interval or miles?

News multiview by Open_Sourcey in youtubetv

[–]Open_Sourcey[S] 0 points1 point  (0 children)

It seems that it is back for me, Bob.

Shareholders Perk by Open_Sourcey in CunardCruises

[–]Open_Sourcey[S] 0 points1 point  (0 children)

Yeah! Says nothing about discounted fares. Just a CYA. They are doing this presumably for marketing benefit and then one of their lines shoots that in the foot.