• Project: Joomla!
• SubProject: All
• Severity: Low
• Versions: 3.0.0
• Exploit type: XSS Vulnerability
• Reported Date: 2012-October-01
• Fixed Date: 2012-October-09

Description

Typographical error leads to XSS vulnerability in language search component.

Affected Installs

Joomla! version 3.0.0.

Solution

Upgrade to version 3.0.1

Reported by Jeff Channell

Contact

The JSST at

• Project: Joomla!
• SubProject: All
• Severity: Moderate
• Versions: 3.0.1 and 3.0.0.
• Exploit type: Clickjacking vulnerability
• Reported Date: 2012-October-15
• Fixed Date: 2012-November-08
• CVE Number: CVE-2012-5827

Description

Inadequate protection leads to clickjacking vulnerability.

Affected Installs

Joomla! version 3.0.1 and 3.0.0.

Solution

Upgrade to version 3.0.2

R

• Project: Joomla!
• SubProject: All
• Severity: Moderate
• Versions: 2.5.7 and all earlier 2.5.x versions
• Exploit type: Clickjacking vulnerability
• Reported Date: 2012-October-15
• Fixed Date: 2012-November-08
• CVE Number: CVE-2012-5827

Description

Inadequate protection leads to clickjacking vulnerability.

Affected Installs

Joomla! version 2.5.7 and all earlier 2.5.x

• Project: Joomla!
• SubProject: All
• Severity: Low
• Versions: 3.0.2 and earlier 3.0.x versions; version 2.5.8 and earlier 2.5.x versions.
• Exploit type: Information disclosure
• Reported Date: 2012-October-31
• Fixed Date: 2013-February-4
• CVE Number: CVE-2013-1453
  

Description

Method of encoding search terms led to possible information disclosure.

Affected Installs

Joo