[20131101] Core XSS Vulnerability

  • Project: Joomla!
  • SubProject: All
  • Severity: High
  • Versions: 2.5.14 and earlier 2.5.x versions. 3.1.5 and earlier 3.x versions.
  • Exploit type: XSS Vulnerability
  • Reported Date: 2013-October-25
  • Fixed Date: 2013-November-06
  • CVE Number:


Inadequate filtering leads to XSS vulnerability in com_contact.

Affected Installs

Joomla! version 2.5.14 and earlier 2.5.x versions; and version 3.1.5 and earlier 3.0.x versions.


Upgrade to version 2.5.16, 3.1.6 or 3.2.


The JSST at the Joomla! Security Center.

Reported By: Osanda Malith Jayathissa
[20131101] Core XSS Vulnerability

Read more http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/phTlsssMGkk/570-core-xss-20131101.html

Contact us

Need a Joomla Expert?