[20081102] - Core - com_weblinks XSS vulnerability

		Media 65 Forums > Joomla > Joomla Security
[20081102] - Core - com_weblinks XSS vulnerability

Joomla Security This is a forum for Joomla Security issues. We start to add resources as they come. All are welcome add to the discussions and resources.

Thread Tools

Display Modes

#1 (permalink)

11-11-2008, 02:52 AM

admin

Administrator

Join Date: Sep 2006

Posts: 676

[20081102] - Core - com_weblinks XSS vulnerability

Project: Joomla!
SubProject: com_weblinks
Severity:moderate
Versions: 1.5.7 and all previous 1.5 releases
Exploit type: XSS
Reported Date: 2008-November-9
Fixed Date: 2008-November-10

Description

com_weblinks allows raw HTML into the title and description tags for weblink submissions (from both the administrator and site submission forms).*

Affected Installs All 1.5.x installs prior to and including 1.5.7 are affected.

Solution

Upgrade to latest Joomla! version (1.5.8 or newer).

Reported By Gergo Erdosi

Contact

The JSST at the Joomla! Security Center.

More...

« Previous Thread | Next Thread »

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts BB code is On Smilies are On [IMG] code is On HTML code is Off Trackbacks are On Pingbacks are On Refbacks are Off

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
[20081101] - Core - com_content XSS vulnerability	admin	Joomla Security	0	11-11-2008 02:52 AM

All times are GMT -4. The time now is 07:39 AM.