[Full-disclosure] Fwd: Joomla! Security News
Henri Salo
henri at nerv.fi
Wed Jul 20 14:15:42 BST 2011
Joomla! Developer Network - Security News
///////////////////////////////////////////
[20110701] - XSS Vulnerability
Posted: 19 Jul 2011 09:15 PM PDT
http://feedproxy.google.com/~r/JoomlaSecurityNews/~3/4KDvSjZRIvs/357-20110701-xss-vulnerability.html?utm_source=feedburner&utm_medium=email
Project: Joomla!
SubProject: All
Severity: Medium
Versions: 1.6.5 and all earlier 1.6.x versions
Exploit type: XSS
Reported Date: 2011-July-11
Fixed Date: 2011-July-19
Description
Inadequate escaping leads to XSS vulnerability.
Affected Installs
Joomla! version 1.6.5 and all earlier 1.6.x versions
Solution
Upgrade to the latest Joomla! version (1.7.0 or later)
Reported by Aung Khant
Contact
The JSST at the Joomla! Security Center.
Full-Disclosure is hosted and sponsored by Secunia.