Joomla

[20110404] – Core – XSS Vulnerabilities

  • Project: Joomla!
  • SubProject: All
  • Severity: Low
  • Versions: 1.6.1 and 1.6.0
  • Exploit type: XSS Vulnerabilities
  • Reported Date: 2011-April-06
  • Fixed Date: 2011-April-14

Description

Unescaped values in administrative modal windows causes potential XSS vulnerabilities.

Affected Installs

Joomla! version 1.6.1 and 1.6.0 versions

Solution

Upgrade to the latest Joomla! version (1.6.2 or later)

Reported by Klas Berlič

Contact

The JSST at the Joomla! Security Center.

No comments yet.

Add your response

You must be logged in to post a comment.