Investigation of exploits

JCE (joomla content editor) 2.2.4

This report appears to be the result of a "false positive" based on the detection of an exploit attempt using a vulnerability reported in an earlier version of JCE (versions before 2.1.3) - [1] and [2]

The detection of the exploit attempt does in no way in our opinion indicate a vulnerability in the extension. It is our belief that JCE 2.2.4 (and versions released since 2.1.3) is secure and not vulnerable to an upload exploit.