Joomla! is one of the most popular CMS platforms and is used by hundreds of thousands of organizations worldwide. Over the years, many vulnerabilities were found in the product, such as Joomla Core Sterilizer Cross-Site Scripting Filter Privilege Escalation (CVE-2017-7985) and Joomla Object Injection Remote Command Execution (CVE-2015-8562). Indeed, over the past two years, there is evidence of a significant surge in the number of Joomla known vulnerabilities.

https://research.checkpoint.com/jmail-breaker-profiting-from-joomlas-mail-service/