News Feed Category

Joomla! Security News

    • Project: Joomla!
    • SubProject: CMS
    • Impact:Low
    • Severity: Low
    • Versions: 2.5.0 through 3.9.1
    • Exploit type: XSS
    • Reported Date: 2018-December-05
    • Fixed Date: 2019-January-15
    • CVE Number: CVE-2019-6262

    Description

    Inadequate checks at the Global Configuration helpurl settings allowed a stored XSS.

    Affected Installs

    Joomla! CMS versions 2.5.0 through 3.9.1

    Solution

    Upgrade to version 3.9.2

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By: Mario Korth, Hackmanit
    • Project: Joomla!
    • SubProject: CMS
    • Impact:Low
    • Severity: Low
    • Versions: 2.5.0 through 3.9.1
    • Exploit type: XSS
    • Reported Date: 2018-November-29
    • Fixed Date: 2019-January-15
    • CVE Number: CVE-2019-6263

    Description

    Inadequate checks at the Global Configuration Text Filter settings allowed a stored XSS.

    Affected Installs

    Joomla! CMS versions 2.5.0 through 3.9.1

    Solution

    Upgrade to version 3.9.2

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By: Qualys WAF security team
    • Project: Joomla!
    • SubProject: CMS
    • Impact:Low
    • Severity: Low
    • Versions: 2.5.0 through 3.9.1
    • Exploit type: XSS
    • Reported Date: 2018-December-04
    • Fixed Date: 2019-January-15
    • CVE Number: CVE-2019-6261

    Description

    Inadequate escaping in com_contact leads to a stored XSS vulnerability

    Affected Installs

    Joomla! CMS versions 2.5.0 through 3.9.1

    Solution

    Upgrade to version 3.9.2

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By: Antonin Steinhauser
    • Project: Joomla!
    • SubProject: CMS
    • Impact:Low
    • Severity: Low
    • Versions: 2.5.0 through 3.9.1
    • Exploit type: XSS
    • Reported Date: 2018-December-01
    • Fixed Date: 2019-January-15
    • CVE Number: CVE-2019-6264

    Description

    Inadequate escaping in mod_banners leads to a stored XSS vulnerability.

    Affected Installs

    Joomla! CMS versions 2.5.0 through 3.9.1

    Solution

    Upgrade to version 3.9.2

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By: Antonin Steinhauser
    • Project: Joomla!
    • SubProject: CMS
    • Impact:Moderate
    • Severity: Low
    • Versions: 2.5.0 through 3.8.12
    • Exploit type: CSRF
    • Reported Date: 2018-September-26
    • Fixed Date: 2018-October-02
    • CVE Number: CVE-2018-17858

    Description

    Added additional CSRF hardening in com_installer actions in the backend.

    Affected Installs

    Joomla! CMS versions 2.5.0 through 3.8.12

    Solution

    Upgrade to version 3.8.13

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:Raviraj A. Powar

About Helix

Ball tip biltong pork belly frankfurter shankle jerky leberkas pig kielbasa kay boudin alcatra short loin.

Jowl salami leberkas turkey pork brisket meatball turducken flank bilto porke belly ball tip. pork belly frankf urtane bilto

Latest News

20 June 2018
20 June 2018
©2019 Your Company. All Rights Reserved. Designed By JoomShaper

Search