[20120104] – Core – XSS Vulnerability

Jan23
by Ike on January 23, 2012 at 9:45 am
Posted In: CMS, Core Security, Joomla, security
  • Project: Joomla!
  • SubProject: All
  • Severity: Moderate
  • Versions: 1.7.3 and all earlier versions
  • Exploit type: XSS Vulnerability
  • Reported Date: 2012-January-22
  • Fixed Date: 2012-January-24

Description

Inadequate filtering leads to XSS vulnerability.

Affected Installs

Joomla! version 1.7.3 and all earlier 1.7 and 1.6 versions

Solution

Upgrade to version 1.7.4 or 2.5.0 or higher

Reported by David Jardin

Contact

The JSST at the Joomla! Security Center.

└ Tags: