  • zizozoro Friend
    #169001

    [20110903] – Core – Information Disclosure

    Posted: 26 Sep 2011 01:59 PM PDT

    Project: Joomla!
    SubProject: All
    Severity: Low
    Versions: 1.7.0
    Exploit type: Information Disclosure
    Reported Date: 2011-September-23
    Fixed Date: 2011-September-26

    Description

    Inadequate error checking causes information disclosure.

    Affected Installs

    Joomla! version 1.7.0

    Solution

    Upgrade to the latest Joomla! version (1.7.1 or later)

    Reported by National Vulnerability Database

    Contact

    The JSST at the Joomla! Security Center.

    [20110901] – Core – XSS Vulnerability

    Posted: 22 Sep 2011 07:33 PM PDT

    Project: Joomla!
    SubProject: All
    Severity: Medium
    Versions: 1.7.0 and all 1.6.x versions
    Exploit type: XSS
    Reported Date: 2011-August-02
    Fixed Date: 2011-September-22

    Description

    Inadequate escaping leads to XSS vulnerability in com_search.

    Affected Installs

    Joomla! version 1.7.0 and all 1.6.x versions

    Solution

    Upgrade to the latest Joomla! version (1.7.1 or later)

    Reported by Aung Khant

    Contact

    The JSST at the Joomla! Security Center.

    [20110902] – Core – XSS Vulnerability

    Posted: 22 Sep 2011 07:33 PM PDT

    Project: Joomla!
    SubProject: All
    Severity: Medium
    Versions: 1.7.0 and all 1.6.x versions
    Exploit type: XSS
    Reported Date: 2011-August-02
    Fixed Date: 2011-September-22

    Description

    Inadequate escaping leads to XSS vulnerability in back end.

    Affected Installs

    Joomla! version 1.7.0 and all 1.6.x versions

    Solution

    Upgrade to the latest Joomla! version (1.7.1 or later)

    Reported by Aung Khant

    Contact

    The JSST at the Joomla! Security Center.

    jneubauer Friend
    #415261

    This is something that we in the Bug Squad have already dealt with, and has already been fixed in Joomla! 1.7.1.
    If you are running a 1.7.0 site (the only version that has this vulnerability), all you have to do is use the update manager to move up to 1.7.1.


This topic contains 2 replies, has 2 voices, and was last updated by jneubauer 12 years, 7 months ago.
