Menu

[20110404] – Core – XSS Vulnerabilities

April 15th, 2011

  • Project: Joomla!
  • SubProject: All
  • Severity: Low
  • Versions: 1.6.1 and 1.6.0
  • Exploit type: XSS Vulnerabilities
  • Reported Date: 2011-April-06
  • Fixed Date: 2011-April-14

Description

Unescaped values in administrative modal windows causes potential XSS vulnerabilities.

Affected Installs

Joomla! version 1.6.1 and 1.6.0 versions

Solution

Upgrade to the latest Joomla! version (1.6.2 or later)

Reported by Klas Berlič

Contact

The JSST at the Joomla! Security Center.