Joomla! Developer - Vulnerability News
Not only is Joomla! easy to use, but it is easy to add extra functionality through a flexible and powerful developer framework. The Joomla! Framework allows you to build exceptional extensions for Joomla! including components, modules, plugins, templates and language packs.
Updated: 21 min 20 sec ago
[20081102] - Core - com_weblinks XSS vulnerability
- Project: Joomla!
- SubProject: com_weblinks
- Severity:moderate
- Versions: 1.5.7 and all previous 1.5 releases
- Exploit type: XSS
- Reported Date: 2008-November-9
- Fixed Date: 2008-November-10
com_weblinks allows raw HTML into the title and description tags for weblink submissions (from both the administrator and site submission forms).
Affected InstallsAll 1.5.x installs prior to and including 1.5.7 are affected.
SolutionUpgrade to latest Joomla! version (1.5.8 or newer).
Reported By Gergo Erdosi
ContactThe JSST at the Joomla! Security Center.
[20081101] - Core - com_content XSS vulnerability
- Project: Joomla!
- SubProject: com_content
- Severity:moderate
- Versions: 1.5.7 and all previous 1.5 releases
- Exploit type: XSS
- Reported Date: 2008-October-03
- Fixed Date: 2008-November-10
The defaults on com_content article submission allow entry of dangerous HTML tags (script, etc). This only affects users with access level Author or higher, and only if you have not set filtering options in com_content configuration.
Affected InstallsAll 1.5.x installs prior to and including 1.5.7 are affected.
SolutionUpgrade to latest Joomla! version (1.5.8 or newer).
Reported By Johan Janssens
ContactThe JSST at the Joomla! Security Center.
There are currently 0 users and 0 guests online.
My LinkedIn Profile
my del.icio.us network
StumbleUpon
Coder's Corner RSS
Random image
Gallery
Random Image
av_red_square.jpg
Random Album
Randall Goya/netsperience
Bookmarks
Syndicate
