[20130405] - Core - XSS Vulnerability

Project: Joomla!
SubProject: All
Severity: Low
Versions: 2.5.9 and earlier 2.5.x versions. 3.0.3 and earlier 3.0.x versions.
Exploit type: XSS Vulnerability
Reported Date: 2013-February-26
Fixed Date: 2013-April-24
CVE Number: CVE-2013-3059

Description

Inadequate filtering leads to XSS vulnerability in Voting plugin.

Affected Installs

Joomla! version 2.5.9 and earlier 2.5.x versions; and version 3.0.2 and earlier 3.0.x versions.

Solution

Upgrade to version 2.5.10, 3.1.0 or 3.0.4.

Contact

The JSST at the Joomla! Security Center.

Reported By: Yannick Gaultier and Jeff Channell

[20130405] - Core - XSS Vulnerability

Read more http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/1mL44UqdHpw/80-20130405-core-xss-vulnerability.html

Joomla Services

Joomla Websites

Help and Support

Need a Joomla Expert?

Phone: +61 (0)45 854 5003

WhatsApp: +61 (0)45 854 5003

Email: office@thejoomlaexpert.com