Joomla Security Notice :: October 18, 2015

Started by Jason, October 18, 2015, 02:53:09 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

Jason

October 18, 2015, 02:53:09 PM Last Edit: October 19, 2015, 08:58:38 AM by Jason
Joomla sent out a security notice today:

You can view it on their site here:

http://developer.joomla.org/security-centre/

Quote

[20150908] - Core - XSS Vulnerability

    Project: Joomla!
    SubProject: CMS
    Severity: Low
    Versions: 3.4.0 through 3.4.3
    Exploit type: XSS Vulnerability
    Reported Date: 2015-August-18
    Fixed Date: 2015-September-08
    CVE Number: CVE-2015-6939

Description

Inadequate escaping leads to XSS vulnerability in login module.
Affected Installs

Joomla! CMS versions 3.4.0 through 3.4.3
Solution

Upgrade to version 3.4.4

Print
Go Up Pages1
User actions