[joomla] Fwd: Joomla! Security News
Mkonop
mkonop at gmail.com
Tue Mar 6 08:39:08 EST 2012
Sent from my iPhone
Begin forwarded message:
> From: "Joomla! Developer Network - Security News" <no_reply at joomla.org>
> Date: March 6, 2012 8:19:57 AM EST
> To: mkonop at gmail.com
> Subject: Joomla! Security News
>
> Joomla! Security News
>
> [20120302] - Core - XSS Vulnerability
> Posted: 05 Mar 2012 06:00 AM PST
> Project: Joomla!
> SubProject: All
> Severity: Moderate
> Versions: 2.5.1 and 2.5.0
> Exploit type: XSS Vulnerability
> Reported Date: 2012-February-29
> Fixed Date: 2012-March-05
> Description
>
> Inadequate filtering leads to XSS vulnerability.
>
> Affected Installs
>
> Joomla! version 2.5.1 and 2.5.0.
>
> Solution
>
> Upgrade to version 2.5.2
>
> Reported by Phil Purviance
>
> Contact
>
> The JSST at the Joomla! Security Center.
>
>
>
> [20120301] - Core - SQL Injection
> Posted: 05 Mar 2012 06:00 AM PST
> Project: Joomla!
> SubProject: All
> Severity: High
> Versions: 2.5.1, 2.5.0 and 1.7.0 - 1.7.4
> Exploit type: SQL Injection
> Reported Date: 2012-February-29
> Fixed Date: 2012-March-05
> Description
>
> Inadequate escaping leads to SQL injection vulnerability.
>
> Affected Installs
>
> Joomla! version 2.5.1, 2.5.0, 1.7.4, and all earlier 1.7.x versions
>
> Solution
>
> Upgrade to version 2.5.2
>
> Reported by Colin Wong
>
> Contact
>
> The JSST at the Joomla! Security Center.
>
>
>
> You are subscribed to email updates from Joomla! Developer Network - Security News
> To stop receiving these emails, you may unsubscribe now. Email delivery powered by Google
> Google Inc., 20 West Kinzie, Chicago IL USA 60610
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/joomla/attachments/20120306/87ab7c34/attachment.html>
More information about the Joomla
mailing list