Menu

[20110308] – Core – CSRF Vulnerability

March 5th, 2011

  • Project: Joomla!
  • SubProject: All
  • Severity: Low
  • Versions: 1.6.0
  • Exploit type: Cross Site Request Forgery
  • Reported Date: 2011-March-04
  • Fixed Date: 2011-March-07

Description

Inadequate token checking leads to cross-site request forgery vulnerability.

Affected Installs

Joomla! version 1.6.0.

Solution

Upgrade to the latest Joomla! version (1.6.1 or later)

Reported by Marius van Rijnsoever

Contact

The JSST at the Joomla! Security Center.