Joomla! Security News

  1. [20131101] Core XSS Vulnerability
  2. [20131102] Core XSS Vulnerability
  3. [20131103] Core XSS Vulnerability

[20131101] Core XSS Vulnerability in Joomla

Posted: 06 Nov 2013 10:47 AM PST

  •     Project: Joomla!
  •     SubProject: All
  •     Severity: High
  •     Versions: 2.5.14 and earlier 2.5.x versions. 3.1.5 and earlier 3.x versions.
  •     Exploit type: XSS Vulnerability
  •     Reported Date: 2013-October-25
  •     Fixed Date: 2013-November-06
  •     CVE Number:

Description

Inadequate filtering leads to XSS vulnerability in com_contact.

Affected Installs

Joomla! version 2.5.14 and earlier 2.5.x versions; and version 3.1.5 and earlier 3.0.x versions.

Solution

Upgrade to version 2.5.15, 3.1.6 or 3.2.

Contact

The JSST at the Joomla! Security Center.
Reported By: Osanda Malith

[20131102] Core XSS Vulnerability in Joomla

Posted: 06 Nov 2013 10:47 AM PST

  •     Project: Joomla!
  •     SubProject: All
  •     Severity: Moderate
  •     Versions: 2.5.14 and earlier 2.5.x versions. 3.1.5 and earlier 3.x versions.
  •     Exploit type: XSS Vulnerability
  •     Reported Date: 2013-October-06
  •     Fixed Date: 2013-November-06
  •     CVE Number:

Description

Inadequate filtering leads to XSS vulnerability in com_contact, com_weblinks, com_newsfeeds.

Affected Installs

Joomla! version 2.5.14 and earlier 2.5.x versions; and version 3.1.5 and earlier 3.0.x versions.

Solution

Upgrade to version 2.5.15, 3.1.6 or 3.2.

Contact

The JSST at the Joomla! Security Center.
Reported By: Osanda Malith

[20131103] Core XSS Vulnerability in Joomla

Posted: 06 Nov 2013 10:47 AM PST

  •     Project: Joomla!
  •     SubProject: All
  •     Severity: Moderate
  •     Versions: 2.5.14 and earlier 2.5.x versions. 3.1.5 and earlier 3.x versions.
  •     Exploit type: XSS Vulnerability
  •     Reported Date: 2013-October-26
  •     Fixed Date: 2013-November-06
  •     CVE Number:

Description

Inadequate filtering leads to XSS vulnerability in com_contact.

Affected Installs

Joomla! version 2.5.14 and earlier 2.5.x versions; and version 3.1.5 and earlier 3.0.x versions.

Solution

Upgrade to version 2.5.15, 3.1.6 or 3.2.

Contact

The JSST at the Joomla! Security Center.
Reported By: Osanda Malith

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>