[20110903] – Core – Information Disclosure
Posted: 26 Sep 2011 01:59 PM PDT
Project: Joomla!
SubProject: All
Severity: Low
Versions: 1.7.0
Exploit type: Information Disclosure
Reported Date: 2011-September-23
Fixed Date: 2011-September-26
Description
Inadequate error checking causes information disclosure.
Affected Installs
Joomla! version 1.7.0
Solution
Upgrade to the latest Joomla! version (1.7.1 or later)
Reported by National Vulnerability Database
Contact
The JSST at the Joomla! Security Center.
[20110901] – Core – XSS Vulnerability
Posted: 22 Sep 2011 07:33 PM PDT
Project: Joomla!
SubProject: All
Severity: Medium
Versions: 17.0 and all 1.6.x versions
Exploit type: XSS
Reported Date: 2011-August-02
Fixed Date: 2011-September-22
Description
Inadequate escaping leads to XSS vulnerability in com_search.
Affected Installs
Joomla! version 1.7.0 and all 1.6.x versions
Solution
Upgrade to the latest Joomla! version (1.7.1 or later)
Reported by Aung Khant
Contact
The JSST at the Joomla! Security Center.
[20110902] – Core – XSS Vulnerability
Posted: 22 Sep 2011 07:33 PM PDT
Project: Joomla!
SubProject: All
Severity: Medium
Versions: 17.0 and all 1.6.x versions
Exploit type: XSS
Reported Date: 2011-August-02
Fixed Date: 2011-September-22
Description
Inadequate escaping leads to XSS vulnerability in back end.
Affected Installs
Joomla! version 1.7.0 and all 1.6.x versions
Solution
Upgrade to the latest Joomla! version (1.7.1 or later)
Reported by Aung Khant
Contact
The JSST at the Joomla! Security Center.