What is a vulnerable extension?

From Joomla! Documentation

Revision as of 17:03, 11 October 2008 by Jabama (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

A vulnerable extension is one that has been found to contain (or contribute to) a security vulnerability.

Vulnerable extensions are not necessarily poorly-coded. As the Web evolves, technical requirements and commonly accepted coding practices change. Active projects release new versions of their extensions as requirements change. For this reason, it is important to:

  1. Know the version numbers of all installed extensions.
  2. Use only the latest stable version of all extensions.
  3. Completely remove all files of insecure or unused extensions.