Joomla Wired

Joomla! Developer Network - Security News
  • [20120202] - Core - Information Disclosure
    • Project: Joomla!
    • SubProject: All
    • Severity: Moderate
    • Versions: 1.7.4 and all earlier 1.7.x versions
    • Exploit type: Information Disclosure
    • Reported Date: 2012-January-06
    • Fixed Date: 2012-February-02

    Description

    On some servers the error log could be read by unauthorised users.

    Affected Installs

    Joomla! version 1.7.4 and all earlier 1.7.x versions

    Solution

    Upgrade to version 2.5.1 or 1.7.5 or higher

    Reported by Alain Rivest

    Contact

    The JSST at the...

  • [20120203] - Core - Information Disclosure
    • Project: Joomla!
    • SubProject: All
    • Severity: Low
    • Versions: 2.5.0 and 1.7.0 - 1.7.4
    • Exploit type: Information Disclosure
    • Reported Date: 2012-January-29
    • Fixed Date: 2012-February-02

    Description

    Inadequate validation leads to path disclosure in administrator.

    Affected Installs

    Joomla! version 2.5.0, 1.7.4, and all earlier 1.7.x versions

    Solution

    Upgrade to version 2.5.1 or 1.7.5 or higher

    Reported by Jakub Galczyk

    Contact

    The JSST at the Joomla! Security Center.

  • [20120201] - Core - Information Disclosure
    • Project: Joomla!
    • SubProject: All
    • Severity: Low
    • Versions: 2.5.0 and 1.7.0 - 1.7.4
    • Exploit type: Information Disclosure
    • Reported Date: 2012-January-29
    • Fixed Date: 2012-February-02

    Description

    Inadequate validation leads to information disclosure in administrator.

    Affected Installs

    Joomla! version 2.5.0, 1.7.4, and all earlier 1.7.x versions

    Solution

    Upgrade to version 1.7.5 or 2.5.1 or higher

    Reported by Jakub Galczyk

    Contact

    The JSST at the Joomla! Security Center.

  • [20120103] - Core - Information Disclosure
    • Project: Joomla!
    • SubProject: All
    • Severity: Low
    • Versions: 1.7.3 and all earlier 1.7 and 1.6 versions
    • Exploit type: Information Disclosure
    • Reported Date: 2011-December-19
    • Fixed Date: 2012-January-24

    Description

    Inadequate filtering leads to information disclosure.

    Affected Installs

    Joomla! version 1.7.3 and all earlier versions

    Solution

    Upgrade to version 1.7.4 or 2.5.0 or higher

    Reported by Jean-Marie Simonet

    Contact

    The JSST at the Joomla! Security Center.


  • [20120101] - Core - Information Disclosure
    • Project: Joomla!
    • SubProject: All
    • Severity: Low
    • Versions: 1.7.3 and all earlier 1.7 and 1.6 versions
    • Exploit type: Information Disclosure
    • Reported Date: 2012-January-07
    • Fixed Date: 2012-January-24

    Description

    Inadequate filtering leads to information disclosure.

    Affected Installs

    Joomla! version 1.7.3 and all earlier versions

    Solution

    Upgrade to version 1.7.4 or 2.5.0 or higher

    Reported by Cyrille Barthelemy

    Contact

    The JSST at the Joomla! Security Center.


  • [20120102] - Core - XSS Vulnerability
    • Project: Joomla!
    • SubProject: All
    • Severity: Moderate
    • Versions: 1.7.3 and all earlier 1.7 and 1.6 versions
    • Exploit type: XSS Vulnerability
    • Reported Date: 2011-November-16
    • Fixed Date: 2012-January-24

    Description

    Inadequate filtering leads to XSS vulnerability.

    Affected Installs

    Joomla! version 1.7.3 and all earlier versions

    Solution

    Upgrade to version 1.7.4 or 2.5.0 or higher

    Reported by Ankita Kapadia

    Contact

    The JSST at the Joomla! Security Center.


  • [20120104] - Core - XSS Vulnerability
    • Project: Joomla!
    • SubProject: All
    • Severity: Moderate
    • Versions: 1.7.3 and all earlier versions
    • Exploit type: XSS Vulnerability
    • Reported Date: 2012-January-22
    • Fixed Date: 2012-January-24

    Description

    Inadequate filtering leads to XSS vulnerability.

    Affected Installs

    Joomla! version 1.7.3 and all earlier 1.7 and 1.6 versions

    Solution

    Upgrade to version 1.7.4 or 2.5.0 or higher

    Reported by David Jardin

    Contact

    The JSST at the Joomla! Security Center.


  • [20111101] - Core - XSS Vulnerability
    • Project: Joomla!
    • SubProject: All
    • Severity: Medium
    • Versions: 1.7.2 and all 1.6.x versions
    • Exploit type: XSS
    • Reported Date: 2011-October-21
    • Fixed Date: 2011-November-14

    Description

    Inadequate filtering leads to XSS vulnerability in back end.

    Affected Installs

    Joomla! version 1.7.2 and all earlier 1.7.x and 1.6.x versions

    Solution

    Upgrade to the latest Joomla! version (1.7.3 or later)

    Reported by Corné Hannema

    Contact

    The JSST at the

You are here  : Home Support Vulnerability News Joomla! Developer - Vulnerability News