  • Project: Joomla!
  • SubProject: All
  • Severity: Low
  • Versions: 2.5.9 and earlier 2.5.x versions. 3.0.3 and earlier 3.0.x versions.
  • Exploit type: XSS Vulnerability
  • Reported Date: 2013-February-15
  • Fixed Date: 2013-April-24
  • CVE Number: None

Description

Use of old version of Flash-based file uploader leads to XSS vulnerability.

Affected Installs

Joomla! version 2.5.9

...

Version 12.2 ("Neil Armstrong") of the Joomla Platform was tagged and released on 21 September 2012. It is the second release of the 12.x series. Joomla Platform 12.2 was also included in the Joomla CMS 3.0 release. In addition to numerous bug fixes, it brings new features, the main ones being:

  • New (and generic) web application routers
  • New password
...

  • Project: Joomla!
  • SubProject: All
  • Severity: Moderate
  • Versions: 3.0.1 and 3.0.0.
  • Exploit type: Clickjacking vulnerability
  • Reported Date: 2012-October-15
  • Fixed Date: 2012-November-08
  • CVE Number: CVE-2012-5827

Description

Inadequate protection leads to clickjacking vulnerability.

Affected Installs

Joomla! version 3.0.1 and 3.0.0.

Solution

Upgrade to version 3.0.2

R

...

  • Project: Joomla!
  • SubProject: All
  • Severity: Low
  • Versions: 3.0.0
  • Exploit type: XSS Vulnerability
  • Reported Date: 2012-October-01
  • Fixed Date: 2012-October-09

Description

Typographical error leads to XSS vulnerability in language search component.

Affected Installs

Joomla! version 3.0.0.

Solution

Upgrade to version 3.0.1

Reported by Jeff Channell

Contact

The JSST at

...

  • Project: Joomla!
  • SubProject: All
  • Severity: Moderate
  • Versions: 2.5.7 and all earlier 2.5.x versions
  • Exploit type: Clickjacking vulnerability
  • Reported Date: 2012-October-15
  • Fixed Date: 2012-November-08
  • CVE Number: CVE-2012-5827

Description

Inadequate protection leads to clickjacking vulnerability.

Affected Installs

Joomla! version 2.5.7 and all earlier 2.5.x

...
