Monday, 27 June 2011 14:37

[20110404] - Core - XSS Vulnerabilities

Rate this item
(0 votes)

[20110404] - Core - XSS Vulnerabilities

  • Project: Joomla!
  • SubProject: All
  • Severity: Low
  • Versions: 1.6.1 and 1.6.0
  • Exploit type: XSS Vulnerabilities
  • Reported Date: 2011-April-06
  • Fixed Date: 2011-April-14

Description

Unescaped values in administrative modal windows causes potential XSS vulnerabilities.

Affected Installs

Joomla! version 1.6.1 and 1.6.0 versions

Solution

Upgrade to the latest Joomla! version (1.6.2 or later)

Reported by Klas Berlič

Contact

The JSST at the Joomla! Security Center.

Read Full Article

Leave a comment

Make sure you enter the (*) required information where indicated. HTML code is not allowed.