Articles Thread, [20081102] - Core - com_weblinks XSS vulnerability in Joomla; [20081102] - Core - com_weblinks XSS vulnerability Monday, 10 November 2008 23:56 Project: Joomla! SubProject: com_weblinks Severity: moderate Versions: 1.5.7 ...

Short Link: http://forum.egypt.com/enforum/showthread.php?t=6565

Developer · 22-11-2008, 03:53 AM

[20081102] - Core - com_weblinks XSS vulnerability
Monday, 10 November 2008 23:56

Project: Joomla!
SubProject: com_weblinks
Severity:moderate
Versions: 1.5.7 and all previous 1.5 releases
Exploit type: XSS
Reported Date: 2008-November-9
Fixed Date: 2008-November-10

Description

com_weblinks allows raw HTML into the title and description tags for weblink submissions (from both the administrator and site submission forms).
Affected Installs All 1.5.x installs prior to and including 1.5.7 are affected.
Solution

Upgrade to latest Joomla! version (1.5.8 or newer).
Reported By Gergo Erdosi

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Acunetix Web Vulnerability Scanner 5.1.71204	Developer	Software and Programs	0	06-12-2008 07:20 PM
Core FTP LE 2.1 build 1576	Developer	Software and Programs	0	26-10-2008 12:46 PM
AMD Dual Core Optimizer v 9.0.333.0	Developer	Software and Programs	0	17-10-2008 06:06 AM
MSI Dual Core Center	Developer	Software and Programs	0	08-10-2008 03:47 PM
[20080904] - Core - Redirect Spam	Developer	Articles	0	21-09-2008 04:57 AM

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)