media 65
Home | Login | Register | Password Reset |

Media 65 Technologies
User Name:   Password: 

Password Reset
Close


Go Back   Media 65 Forums > Joomla > Joomla Security
[20090603] - Core - Frontend XSS [20090603] - Core - Frontend XSS
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Joomla Security This is a forum for Joomla Security issues. We start to add resources as they come. All are welcome add to the discussions and resources.

Reply
 
Thread Tools Display Modes
  #1 (permalink)  
Old 06-08-2009, 12:01 AM
admin's Avatar
Administrator
  
Join Date: Sep 2006
Posts: 1,451
Default [20090603] - Core - Frontend XSS
  • Project: Joomla!
  • SubProject: Site client
  • Severity: Low
  • Versions: 1.5.10 and all previous 1.5 releases
  • Exploit type: XSS
  • Reported Date: 2009-May-05
  • Fixed Date: 2009-June-02
Description

Some values were output from the database without being properly escaped. Most strings in question were sourced from the administrator panel.

Affected Installs

All 1.5.x installs prior to and including 1.5.10 are affected.

Solution

Upgrade to latest Joomla! version (1.5.11 or newer).

Contact

The JSST at the Joomla! Security Center.




More...
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


All times are GMT -4. The time now is 02:00 PM.

Contact Us - Media 65 Forums - Archive - Privacy Statement - Top

Powered by vBulletin® Version 3.7.4
Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.2.0