The essential news about content management systems and mobile technology. Powered by Joocial, XT Search for Algolia, and SlimApps.

Details
Category: Security Announcements
  • Project: Joomla!
  • SubProject: CMS
  • Severity: Moderate
  • Versions: 2.5.18 and earlier 2.5.x versions, 3.2.2 and earlier 3.x versions
  • Exploit type: XSS Vulnerability
  • Reported Date: 2014-March-05
  • Fixed Date: 2014-March-06
  • CVE Number: Pending

Description

Inadequate escaping leads to XSS vulnerability.

Affected Installs

Joomla! CMS versions 2.5.18 and earlier 2.5.x versions, 3.2.2 and earlier 3.x versions

Solution

Upgrade to version 2.5.19 or 3.2.3

Contact

The JSST at the Joomla! Security Center....

Reported By: JSST

Read more

Details
Category: Security Announcements
  • Project: Joomla!
  • SubProject: CMS
  • Severity: Moderate
  • Versions: 2.5.18 and earlier 2.5.x versions, 3.2.2 and earlier 3.x versions
  • Exploit type: Unauthorised Logins
  • Reported Date: 2014-February-21
  • Fixed Date: 2014-March-06
  • CVE Number: Pending

Description

Inadequate checking allowed unauthorised logins via GMail authentication.

Affected Installs

Joomla! CMS versions 2.5.18 and earlier 2.5.x versions, 3.2.2 and earlier 3.x versions

Solution

Upgrade to version 2.5.19 or 3.2.3

Contact

The JSST at the Joomla! Security Center....

Reported By: Stefania Gaianigo

Read more

Details
Category: Security Announcements
  • Project: Joomla!
  • SubProject: All
  • Severity: High
  • Versions: 2.5.14 and earlier 2.5.x versions. 3.1.5 and earlier 3.x versions.
  • Exploit type: XSS Vulnerability
  • Reported Date: 2013-October-25
  • Fixed Date: 2013-November-06
  • CVE Number:

Description

Inadequate filtering leads to XSS vulnerability in com_contact.

Affected Installs

Joomla! version 2.5.14 and earlier 2.5.x versions; and version 3.1.5 and earlier 3.0.x versions.

Solution

Upgrade to version 2.5.15, 3.1.6 or 3.2.

Contact

The JSST at the Joomla! Security Center....

Reported By: Osanda Malith

Read more

Details
Category: Security Announcements
  • Project: Joomla!
  • SubProject: CMS
  • Severity: High
  • Versions: 3.1.0 through 3.2.2
  • Exploit type: SQL Injection
  • Reported Date: 2014-February-06
  • Fixed Date: 2014-March-06
  • CVE Number: Pending

Description

Inadequate escaping leads to SQL injection vulnerability.

Affected Installs

Joomla! CMS versions 3.1.0 through 3.2.2

Solution

Upgrade to version 3.2.3

Contact

The JSST at the Joomla! Security Center....

Reported By: ??

Read more

Details
Category: Security Announcements
  • Project: Joomla!
  • SubProject: All
  • Severity: Moderate
  • Versions: 2.5.14 and earlier 2.5.x versions. 3.1.5 and earlier 3.x versions.
  • Exploit type: XSS Vulnerability
  • Reported Date: 2013-October-06
  • Fixed Date: 2013-November-06
  • CVE Number:

Description

Inadequate filtering leads to XSS vulnerability in com_contact, com_weblinks, com_newsfeeds.

Affected Installs

Joomla! version 2.5.14 and earlier 2.5.x versions; and version 3.1.5 and earlier 3.0.x versions.

Solution

Upgrade to version 2.5.15, 3.1.6 or 3.2.

Contact

The JSST at the Joomla! Security Center....

Reported By: Osanda Malith

Read more

  1. [20131103] Core XSS Vulnerability
  2. [20130801] - Core - Unauthorised Uploads
  3. [20130407] - Core - XSS Vulnerability
  4. [20130403] - Core - XSS Vulnerability

© 2019 Extly, CB - All rights reserved.