There is a gap between the security of the different open source content management system (CMS) projects. A new report from HP (NYSE:HPQ) takes a look a security risks in 2010 and found that one CMS in particular was more vulnerable than the other.
“WordPress these days has very few vulnerable installs that we could find versus Joomla where nearly all of them are vulnerable in one form or another,” Mike Dausin, manager of advanced security intelligence for HP DVLabs told InternetNews.com.
Dausin noted that one possible reason why WordPress is more secure is that it is an easy system to update. That said, Dausin noted that in 2010, Joomla, Drupal and WordPress have all done better jobs at patching their core systems.
Joomla developers note that their CMS takes security seriously and has teams and processes in place.
“With the release of 1.6 in early 2011, Joomla took unprecedented steps to secure the CMS,” Louis Landry, Joomla Development Coordinator, told InternetNews.com. “The most significant changes for this release are the new advanced security and permissions features. These provide system administrators control over who can edit what and access which components, modules and plugins.”