T4 file automatically placed in quarantine

ptrouw

Hi,

My provider has an automatic scan and has placed this file in quarantine:

Incorrect permission's vulnerability in:
/plugins/system/t4/themes/base/html/layouts/joomla/form/field/moduleorder.j3.php

I suppose this in incorrect?
Is there any I can do to solve this?

Kind regards, Paul

saguaros

Hi Paul,

Could you tell me more details of which tool your provider use to check and share the full report so we can check?

ptrouw

saguaros
They mentioned in their scan mail: Patchman

saguaros

Hi ptrouw

I don't have that Patchman to test it now, could you share the full report? I will forward to the team for further checking.

Regards

ptrouw

I would love to help you out, but this is done by my provider as an additional service, so I have no access to full report. I will ask them.
Perhaps you can contact patchman directly and ask why this specific file is marked unsave (hello@patchman.co)

saguaros

ptrouw Thank you!

ptrouw

According to the Patchman panel, the vulnerability in question is the following:

Exploit type: Incorrect Access Control
Reported Date: 2020-07-07
Fixed Date: 2021-01-12

Lack of ACL checks in the orderPosition endpoint of com_modules leaked names of unpublished and/or inaccessible modules.
CVE-2021-23123

This is a vulnerability of the type incorrect permissions. A function or user has permission it should not have.

https://developer.joomla.org/security-centre/836-20210101-core-com-modules-exposes-module-names.html

Quote from provider: "As far as I know, the file is not quarantined, but only patched with the known fix. I can still see the file on this hosting package."

saguaros

ptrouw Thanks for your sharing!