Joomla! Security

Verschiedenes

Login
Home Security Announcements
Joomla! Security Announcements Drucken E-Mail

Joomla! Security Announcements

Auf dieser Seite können Sie die neuesten Security News von Joomla! lesen.
Der Content dieser Seite wird von Joomla.org zur Verfügung gestellt.

Sie können die Security News von folgender URL abonieren:
http://feeds.joomla.org/JoomlaSecurityNews

Current Feed Content
 
Joomla! Developer - Vulnerability News
Not only is Joomla! easy to use, but it is easy to add extra functionality through a flexible and powerful developer framework. The Joomla! Framework allows you to build exceptional extensions for Joomla! including components, modules, plugins, templates and language packs.
  • [20100704] - Core - XSS Vulnerabillitis in Back End
    • Project: Joomla!
    • SubProject: All
    • Severity: Medium
    • Versions: 1.5.19 and all previous 1.5 releases
    • Exploit type: XSS Injection
    • Reported Date: 2010-June-1
    • Fixed Date: 2010-July-15

    Description

    Back-end user can inject Javascript in various administrator screens.

    Affected Installs

    All 1.5.x installs prior to and including 1.5.19 are affected.

    Solution

    Upgrade to the latest Joomla! version (1.5.20 or later)

    Reported by Mesut Timur.

    Contact

    The JSST at the Joomla! Security Center.

  • [20100703] - Core - XSS Vulnerabillitis in Back End
    • Project: Joomla!
    • SubProject: All
    • Severity: Medium
    • Versions: 1.5.19 and all previous 1.5 releases
    • Exploit type: XSS Injection
    • Reported Date: 2010-June-8
    • Fixed Date: 2010-July-15

    Description

    Back-end user can inject Javascript in various administrator screens.

    Affected Installs

    All 1.5.x installs prior to and including 1.5.19 are affected.

    Solution

    Upgrade to the latest Joomla! version (1.5.20 or later)

    Reported by José Antonio Vázquez González

    Contact

    The JSST at the Joomla! Security Center.

  • [20100702] - Core - XSS Vulnerabillitis in Back End
    • Project: Joomla!
    • SubProject: All
    • Severity: Medium
    • Versions: 1.5.19 and all previous 1.5 releases
    • Exploit type: XSS Injection
    • Reported Date: 2010-June-8
    • Fixed Date: 2010-July-15

    Description

    Back-end user can inject Javascript in various administrator screens.

    Affected Installs

    All 1.5.x installs prior to and including 1.5.19 are affected.

    Solution

    Upgrade to the latest Joomla! version (1.5.20 or later)

    Reported by José Antonio Vázquez González

    Contact

    The JSST at the Joomla! Security Center.