NYCPHP Meetup

[joomla] Fwd: Joomla! Security News

Mkonop mkonop at gmail.com
Tue Mar 6 08:39:08 EST 2012



Sent from my iPhone

Begin forwarded message:

> From: "Joomla! Developer Network - Security News" <no_reply at joomla.org>
> Date: March 6, 2012 8:19:57 AM EST
> To: mkonop at gmail.com
> Subject: Joomla! Security News
> 
> Joomla! Security News 
>  
> [20120302] - Core - XSS Vulnerability
> Posted: 05 Mar 2012 06:00 AM PST
> Project: Joomla!
> SubProject: All
> Severity: Moderate
> Versions: 2.5.1 and 2.5.0
> Exploit type: XSS Vulnerability
> Reported Date: 2012-February-29
> Fixed Date: 2012-March-05
> Description
> 
> Inadequate filtering leads to XSS vulnerability.
> 
> Affected Installs
> 
> Joomla! version 2.5.1 and 2.5.0.
> 
> Solution
> 
> Upgrade to version 2.5.2
> 
> Reported by Phil Purviance
> 
> Contact
> 
> The JSST at the Joomla! Security Center.
> 
> 
> 
> [20120301] - Core - SQL Injection
> Posted: 05 Mar 2012 06:00 AM PST
> Project: Joomla!
> SubProject: All
> Severity: High
> Versions: 2.5.1, 2.5.0 and 1.7.0 - 1.7.4
> Exploit type: SQL Injection
> Reported Date: 2012-February-29
> Fixed Date: 2012-March-05
> Description
> 
> Inadequate escaping leads to SQL injection vulnerability.
> 
> Affected Installs
> 
> Joomla! version 2.5.1, 2.5.0, 1.7.4, and all earlier 1.7.x versions
> 
> Solution
> 
> Upgrade to version 2.5.2
> 
> Reported by Colin Wong
> 
> Contact
> 
> The JSST at the Joomla! Security Center.
> 
> 
> 
> You are subscribed to email updates from Joomla! Developer Network - Security News 
> To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
> Google Inc., 20 West Kinzie, Chicago IL USA 60610
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/joomla/attachments/20120306/87ab7c34/attachment.html>


More information about the Joomla mailing list