[20131102] Core XSS Vulnerability

Project: Joomla!
SubProject: All
Severity: Moderate
Versions: 2.5.14 and earlier 2.5.x versions. 3.1.5 and earlier 3.x versions.
Exploit type: XSS Vulnerability
Reported Date: 2013-October-06
Fixed Date: 2013-November-06
CVE Number:

Description

Inadequate filtering leads to XSS vulnerability in com_contact, com_weblinks, com_newsfeeds.

Affected Installs

Joomla! version 2.5.14 and earlier 2.5.x versions; and version 3.1.5 and earlier 3.0.x versions.

Solution

Upgrade to version 2.5.16, 3.1.6 or 3.2.

Contact

The JSST at the Joomla! Security Center.

Reported By: Osanda Malith Jayathissa

[20131102] Core XSS Vulnerability

Read more http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/GOUbBeWpb5Y/571-core-xss-20131102.html

Joomla Services

Joomla Websites

Help and Support

Need a Joomla Expert?

Phone: +61 (0)45 854 5003

WhatsApp: +61 (0)45 854 5003

Email: office@thejoomlaexpert.com