Joomla World Conference
When: Fri Nov 16, 2012 to Sun Nov 18, 2012Where: eBay town hall, San Jose, California, USA
Event Status: confirmed
- Details
- Category: JEvents Official Calendar
[20120308] - Core - XSS Vulnerability
- Project: Joomla!
- SubProject: All
- Severity: Low
- Versions: 2.5.3 and all earlier 2.5.x versions
- Exploit type: XSS Vulnerability
- Reported Date: 2012-February-3
- Fixed Date: 2012-April-2
Description
Inadequate filtering in update manager leads to XSS vulnerability.
Affected Installs
Joomla! versions 2.5.3 and all earlier 2.5.x versions
Solution
Upgrade to version
...- Details
- Category: Security Announcements
[20120305] - Core - Password Change
- Project: Joomla!
- SubProject: All
- Severity: High
- Versions: 1.5.25 and all earlier 1.5.x versions
- Exploit type: Password Change
- Reported Date: 2012-March-8
- Fixed Date: 2012-March-27
Description
Insufficient randomness leads to password reset vulnerability.
Affected Installs
Joomla! versions 1.5.25 and all earlier 1.5.x versions
Solution
Upgrade to version
...- Details
- Category: Security Announcements
[20120307] - Core - Information Disclosure
- Project: Joomla!
- SubProject: All
- Severity: Low
- Versions: 2.5.3 and all earlier 2.5.x versions
- Exploit type: Information Disclosure
- Reported Date: 2012-January-7
- Fixed Date: 2012-April-2
Description
Inadequate permission checking allows unauthorised viewing of some administrative back end information.
Affected Installs
Joomla! versions 2.5.3 and all earlier
...- Details
- Category: Security Announcements
[20120301] - Core - SQL Injection
- Project: Joomla!
- SubProject: All
- Severity: High
- Versions: 2.5.1, 2.5.0 and 1.7.0 - 1.7.5
- Exploit type: SQL Injection
- Reported Date: 2012-February-29
- Fixed Date: 2012-March-05
Description
Inadequate escaping leads to SQL injection vulnerability.
Affected Installs
Joomla! version 2.5.1, 2.5.0, 1.7.4, and all earlier 1.7.x versions
Solution
Upgrade to version
...- Details
- Category: Security Announcements