The Joomla! Developer Network ™

Security News

[20130202] - Core - Information Disclosure

  • Project: Joomla!
  • SubProject: All
  • Severity: Low
  • Versions: 3.0.2 and earlier 3.0.x versions.
  • Exploit type: Information disclosure
  • Reported Date: 2013-January-16
  • Fixed Date: 2013-February-4
  • CVE Number: CVE-2013-1455

Description

An undefined variable caused information disclosure in some situations.

Affected Installs

Joomla! version 3.0.2 and earlier 3.0.x versions.

Solution

Upgrade to version 3.0.3.

Reported by Mark Dexter

Contact

The JSST at the Joomla! Security Center.

[20130203] - Core - Information Disclosure

  • Project: Joomla!
  • SubProject: All
  • Severity: Low
  • Versions: 3.0.2 and earlier 3.0.x versions.
  • Exploit type: Information disclosure
  • Reported Date: 2013-January-13
  • Fixed Date: 2013-February-4
  • CVE Number: CVE-2013-1454

Description

Coding errors led to information disclosure in some situations.

Affected Installs

Joomla! version 3.0.2 and earlier 3.0.x versions.

Solution

Upgrade to version 3.0.3.

Reported by Stergios Kolios

Contact

The JSST at the Joomla! Security Center.

[20121001] - Core - XSS Vulnerability

  • Project: Joomla!
  • SubProject: All
  • Severity: Low
  • Versions: 3.0.0
  • Exploit type: XSS Vulnerability
  • Reported Date: 2012-October-01
  • Fixed Date: 2012-October-09

Description

A typographical error leads to an XSS vulnerability in the language search component.

Affected Installs

Joomla! version 3.0.0.

Solution

Upgrade to version 3.0.1.

Reported by Jeff Channell

Contact

The JSST at the Joomla! Security Center.

[20130201] - Core - Information Disclosure

  • Project: Joomla!
  • SubProject: All
  • Severity: Low
  • Versions: 3.0.2 and earlier 3.0.x versions; version 2.5.8 and earlier 2.5.x versions.
  • Exploit type: Information disclosure
  • Reported Date: 2012-October-31
  • Fixed Date: 2013-February-4
  • CVE Number: CVE-2013-1453

Description

The method of encoding search terms led to possible information disclosure.

Affected Installs

Joomla! version 3.0.2 and earlier 3.0.x versions; version 2.5.8 and earlier 2.5.x versions.

Solution

Upgrade to version 3.0.3 or 2.5.9.

Reported by Egidio Romano

Contact

The JSST at the Joomla! Security Center.

[20121101] - Core - Clickjacking

  • Project: Joomla!
  • SubProject: All
  • Severity: Moderate
  • Versions: 3.0.1 and 3.0.0.
  • Exploit type: Clickjacking vulnerability
  • Reported Date: 2012-October-15
  • Fixed Date: 2012-November-08
  • CVE Number: CVE-2012-5827

Description

Inadequate protection leads to a clickjacking vulnerability.

Affected Installs

Joomla! version 3.0.1 and 3.0.0.

Solution

Upgrade to version 3.0.2.

Reported by Ajay Singh Negi

Contact

The JSST at the Joomla! Security Center.

More Articles...

  1. [20121102] - Core - Clickjacking
  2. [20120902] - Core - XSS Vulnerability
  3. [20120901] - Core - XSS Vulnerability
  4. [20120601] - Core - Privilege Escalation
  5. [20120602] - Core - Information Disclosure
  6. [20120307] - Core - Information Disclosure
  7. [20120308] - Core - XSS Vulnerability
  8. [20120305] - Core - Password Change
  9. [20120306] - Core - Information Disclosure
  10. [20120304] - Core - Password Change
