oss-security - Re: Fwd: Joomla! Security News

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [day] [month] [year] [list]

Message-ID: <1020327824.1475004.1311193706140.JavaMail.root@zmail01.collab.prod.int.phx2.redhat.com>
Date: Wed, 20 Jul 2011 16:28:26 -0400 (EDT)
From: Josh Bressers <bressers@...hat.com>
To: oss-security@...ts.openwall.com
Cc: coley <coley@...re.org>
Subject: Re: Fwd: Joomla! Security News

Please use CVE-2011-2708

Thanks.

-- 
    JB

----- Original Message -----
> Joomla! Developer Network - Security News
> 
> ///////////////////////////////////////////
> [20110701] - XSS Vulnerability
> 
> Posted: 19 Jul 2011 09:15 PM PDT
> http://feedproxy.google.com/~r/JoomlaSecurityNews/~3/4KDvSjZRIvs/357-20110701-xss-vulnerability.html?utm_source=feedburner&utm_medium=email
> 
> 
> Project: Joomla!
> SubProject: All
> Severity: Medium
> Versions: 1.6.5 and all earlier 1.6.x versions
> Exploit type: XSS
> Reported Date: 2011-July-11
> Fixed Date: 2011-July-19
> 
> Description
> 
> Inadequate escaping leads to XSS vulnerability.
> 
> Affected Installs
> 
> Joomla! version 1.6.5 and all earlier 1.6.x versions
> Solution
> 
> Upgrade to the latest Joomla! version (1.7.0 or later)
> 
> Reported by Aung Khant
> Contact
> 
> The JSST at the Joomla! Security Center.

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.