Security News
[20130202] - Core - Information Disclosure
- Project: Joomla!
- SubProject: All
- Severity: Low
- Versions: 3.0.2 and earlier 3.0.x versions.
- Exploit type: Information disclosure
- Reported Date: 2013-January-16
- Fixed Date: 2013-February-4
- CVE Number: CVE-2013-1455
Description
Undefined variable caused information disclosure in some situations.
Affected Installs
Joomla! version 3.0.2 and earlier 3.0.x versions.
Solution
Upgrade to version 3.0.3.
Reported by Mark Dexter
Contact
The JSST at the Joomla! Security Center.
[20130203] - Core - Information Disclosure
- Project: Joomla!
- SubProject: All
- Severity: Low
- Versions: 3.0.2 and earlier 3.0.x versions.
- Exploit type: Information disclosure
- Reported Date: 2013-January-13
- Fixed Date: 2013-February-4
- CVE Number: CVE-2013-1454
Description
Coding errors led to information disclosure in some situations.
Affected Installs
Joomla! version 3.0.2 and earlier 3.0.x versions.
Solution
Upgrade to version 3.0.3.
Reported by Stergios Kolios
Contact
The JSST at the Joomla! Security Center.
[20121001] - Core - XSS Vulnerability
- Project: Joomla!
- SubProject: All
- Severity: Low
- Versions: 3.0.0
- Exploit type: XSS Vulnerability
- Reported Date: 2012-October-01
- Fixed Date: 2012-October-09
Description
Typographical error leads to XSS vulnerability in language search component.
Affected Installs
Joomla! version 3.0.0.
Solution
Upgrade to version 3.0.1
Reported by Jeff Channell
Contact
The JSST at the Joomla! Security Center.
[20130201] - Core - Information Disclosure
- Project: Joomla!
- SubProject: All
- Severity: Low
- Versions: 3.0.2 and earlier 3.0.x versions; version 2.5.8 and earlier 2.5.x versions.
- Exploit type: Information disclosure
- Reported Date: 2012-October-31
- Fixed Date: 2013-February-4
- CVE Number: CVE-2013-1453
Description
Method of encoding search terms led to possible information disclosure.
Affected Installs
Joomla! version 3.0.2 and earlier 3.0.x versions; version 2.5.8 and earlier 2.5.x versions.
Solution
Upgrade to version 3.0.3 or 2.5.9.
Reported by Egidio Romano
Contact
The JSST at the Joomla! Security Center.
[20121101] - Core - Clickjacking
- Project: Joomla!
- SubProject: All
- Severity: Moderate
- Versions: 3.0.1 and 3.0.0.
- Exploit type: Clickjacking vulnerability
- Reported Date: 2012-October-15
- Fixed Date: 2012-November-08
- CVE Number: CVE-2012-5827
Description
Inadequate protection leads to clickjacking vulnerability.
Affected Installs
Joomla! version 3.0.1 and 3.0.0.
Solution
Upgrade to version 3.0.2
Reported by Ajay Singh Negi
Contact
The JSST at the Joomla! Security Center.
More Articles...
- [20121102] - Core - Clickjacking
- [20120902] - Core - XSS Vulnerability
- [20120901] - Core - XSS Vulnerability
- [20120601] - Core - Privilege Escalation
- [20120602] - Core - Information Disclosure
- [20120307] - Core - Information Disclosure
- [20120308] - Core - XSS Vulnerability
- [20120305] - Core - Password Change
- [20120306] - Core - Information Disclosure
- [20120304] - Core - Password Change
Page 1 of 19
«StartPrev12345678910NextEnd»