Joomla Security Notice :: November 7, 2013

Started by Jason, November 07, 2013, 05:02:44 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

Jason

November 07, 2013, 05:02:44 PM
Today's notice from Joomla:

Quote
Joomla! Security News

________________________________________
•   [20131101] Core XSS Vulnerability
•   [20131102] Core XSS Vulnerability
•   [20131103] Core XSS Vulnerability
[20131101] Core XSS Vulnerability
Posted: 06 Nov 2013 10:47 AM PST
?   Project: Joomla!
?   SubProject: All
?   Severity: High
?   Versions: 2.5.14 and earlier 2.5.x versions. 3.1.5 and earlier 3.x versions.
?   Exploit type: XSS Vulnerability
?   Reported Date: 2013-October-25
?   Fixed Date: 2013-November-06
?   CVE Number:
Description
Inadequate filtering leads to XSS vulnerability in com_contact.
Affected Installs
Joomla! version 2.5.14 and earlier 2.5.x versions; and version 3.1.5 and earlier 3.0.x versions.
Solution
Upgrade to version 2.5.15, 3.1.6 or 3.2.
Contact
The JSST at the Joomla! Security Center.
Reported By: Osanda Malith



[20131102] Core XSS Vulnerability
Posted: 06 Nov 2013 10:47 AM PST
?   Project: Joomla!
?   SubProject: All
?   Severity: Moderate
?   Versions: 2.5.14 and earlier 2.5.x versions. 3.1.5 and earlier 3.x versions.
?   Exploit type: XSS Vulnerability
?   Reported Date: 2013-October-06
?   Fixed Date: 2013-November-06
?   CVE Number:
Description
Inadequate filtering leads to XSS vulnerability in com_contact, com_weblinks, com_newsfeeds.
Affected Installs
Joomla! version 2.5.14 and earlier 2.5.x versions; and version 3.1.5 and earlier 3.0.x versions.
Solution
Upgrade to version 2.5.15, 3.1.6 or 3.2.
Contact
The JSST at the Joomla! Security Center.
Reported By: Osanda Malith



[20131103] Core XSS Vulnerability
Posted: 06 Nov 2013 10:47 AM PST
?   Project: Joomla!
?   SubProject: All
?   Severity: Moderate
?   Versions: 2.5.14 and earlier 2.5.x versions. 3.1.5 and earlier 3.x versions.
?   Exploit type: XSS Vulnerability
?   Reported Date: 2013-October-26
?   Fixed Date: 2013-November-06
?   CVE Number:
Description
Inadequate filtering leads to XSS vulnerability in com_contact.
Affected Installs
Joomla! version 2.5.14 and earlier 2.5.x versions; and version 3.1.5 and earlier 3.0.x versions.
Solution
Upgrade to version 2.5.15, 3.1.6 or 3.2.
Contact
The JSST at the Joomla! Security Center.
Reported By: Osanda Malith
Print
Go Up Pages1
User actions