Frontpage

Newsletter & Updates

I am totally relaxed!

Because I know Joomlamonitor is working for me. Whenever my website is down, I get an instant alert (and a copy goes to my web-host too!)
Do you wanna try?

Searching for files online? File search system - best decision. Seop for search engine optimization. Now you can build a website by yourself.

[20090601] - Core - com_users XSS

Project: Joomla!
SubProject: com_users
Severity: Moderate
Versions: 1.5.10 and all previous 1.5 releases
Exploit type: XSS
Reported Date: 2009-April-30
Fixed Date: 2009-June-02

Description

A XSS vulnerability exists in the user view of com_users in the administrator panel.

Affected Installs

All 1.5.x installs prior to and including 1.5.10 are affected.

Solution

Upgrade to latest Joomla! version (1.5.11 or newer).

Reported by Airton Torres.

Contact

The JSST at the Joomla! Security Center.

Read full...

Author:

< Prev		Next >

More Articles in This Category
[20120202] - Core - Information Disclosure [20100423] - Core - Installer Migration Script [20100423] - Core - Negative Values for Limit and Offset [20110305] - Core - CSRF Vulnerability [20101101] - Core - XSS Vulnerabilities	[20110201] - Core - SQL Injection / Path Disclosure [20100701] - Core - SQL Injection / Internal Path Exposure [20100701] - Core - SQL Injection / Internal Path Exposure [20110902] - Core - XSS Vulnerability [20110408] - Core - SQL Injection