First published: Thu Feb 26 2009(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5.7 and earlier allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via (1) the title and description parameters to the com_weblinks module and (2) unspecified vectors in the com_content module related to "article submission."
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Joomla Joomla | =1.5.5 | |
Joomla Joomla | =1.0.13 | |
Joomla Joomla | =1.0.9 | |
Joomla Joomla | =1.5 | |
Joomla Joomla | =1.5.0_rc1 | |
Joomla Joomla | <=1.5.7 | |
Joomla Joomla | =1.5.0_beta2 | |
Joomla Joomla | =1.0 | |
Joomla Joomla | =1.5.0-beta2 | |
Joomla Joomla | =1.5.3 | |
Joomla Joomla | =1.5.2 | |
Joomla Joomla | =1.0.1 | |
Joomla Joomla | =1.5.0-beta1 | |
Joomla Joomla | =1.0.3 | |
Joomla Joomla | =1.0.6 | |
Joomla Joomla | =1.0.8 | |
Joomla Joomla | =1.0.4 | |
Joomla Joomla | =1.0.2 | |
Joomla Joomla | =1.5.0_beta | |
Joomla Joomla | =1.0.10 | |
Joomla Joomla | =1.5.0_beta1 | |
Joomla Joomla | =1.5.1 | |
Joomla Joomla | =1.5rc4 | |
Joomla Joomla | =1.0.12 | |
Joomla Joomla | =1.03 | |
Joomla Joomla | =1.5.4 | |
Joomla Joomla | =1.0.5 | |
Joomla Joomla | =1.0.7 | |
Joomla Joomla | =1.0.0 | |
Joomla Joomla | =1.0.14 | |
Joomla Joomla | =1.0.11 | |
Joomla Joomla | =1.5.0-rc1 | |
Joomla Joomla | =1.5rc3 | |
Joomla Joomla | =1.5.6 | |
Joomla Joomla | =1.5.0-beta |
http://developer.joomla.org/security/news/284-20081102-core-comweblinks-xss-vulnerability.html
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.