1. Skip to Menu
  2. Skip to Content
  3. Skip to Footer

Every Joomla Part Customized

We have modified every single core Joomla component or module to suit the design of this template!

Security

[20130407] - Core - XSS Vulnerability

  • Project: Joomla!
  • SubProject: All
  • Severity: Low
  • Versions: 2.5.9 and earlier 2.5.x versions. 3.0.3 and earlier 3.0.x versions.
  • Exploit type: XSS Vulnerability
  • Reported Date: 2013-April-17
  • Fixed Date: 2013-April-24
  • CVE Number: CVE-2013-3267

Description

Inadequate filtering leads to XSS vulnerability in highlighter plugin.

Affected Installs

Joomla! version 2.5.9 and earlier 2.5.x versions; and version 3.0.2 and earlier 3.0.x versions.

Solution

Upgrade to version 2.5.10,  3.1.0 or 3.0.4.

Contact

The JSST at the Joomla! Security Center.

Reported By: Vertical Pigeon

[20130401] - Core - Privilege Escalation

  • Project: Joomla!
  • SubProject: All
  • Severity: Low
  • Versions: 2.5.9 and earlier 2.5.x versions. 3.0.3 and earlier 3.0.x versions.
  • Exploit type: Privilege Escalation
  • Reported Date: 2013-March-29
  • Fixed Date: 2013-April-24
  • CVE Number: CVE-2013-3056

Description

Inadequate permission checking allows unauthorised user to delete private messages.

Affected Installs

Joomla! version 2.5.9 and earlier 2.5.x versions; and version 3.0.2 and earlier 3.0.x versions.

Solution

Upgrade to version 2.5.10,  3.1.0 or 3.0.4.

Contact

The JSST at the Joomla! Security Center.

Reported By: Francois Gauthier

[20130403] - Core - XSS Vulnerability

  • Project: Joomla!
  • SubProject: All
  • Severity: Moderate
  • Versions: 2.5.9 and earlier 2.5.x versions. 3.0.3 and earlier 3.0.x versions.
  • Exploit type: XSS Vulnerability
  • Reported Date: 2013-March-9
  • Fixed Date: 2013-April-24
  • CVE Number: CVE-2013-3058

Description

Inadequate filtering allows possibility of XSS exploit in some circumstances.

Affected Installs

Joomla! version 2.5.9 and earlier 2.5.x versions; and version 3.0.2 and earlier 3.0.x versions.

Solution

Upgrade to version 2.5.10,  3.1.0 or 3.0.4.

Contact

The JSST at the Joomla! Security Center.

Reported By: James Kettle

[20130405] - Core - XSS Vulnerability

  • Project: Joomla!
  • SubProject: All
  • Severity: Low
  • Versions: 2.5.9 and earlier 2.5.x versions. 3.0.3 and earlier 3.0.x versions.
  • Exploit type: XSS Vulnerability
  • Reported Date: 2013-February-26
  • Fixed Date: 2013-April-24
  • CVE Number: CVE-2013-3059

Description

Inadequate filtering leads to XSS vulnerability in Voting plugin.

Affected Installs

Joomla! version 2.5.9 and earlier 2.5.x versions; and version 3.0.2 and earlier 3.0.x versions.

Solution

Upgrade to version 2.5.10,  3.1.0 or 3.0.4.

Contact

The JSST at the Joomla! Security Center.

Reported By: Yannick Gaultier and Jeff Channell

[20130402] - Core - Information Disclosure

  • Project: Joomla!
  • SubProject: All
  • Severity: Low
  • Versions: 2.5.9 and earlier 2.5.x versions. 3.0.3 and earlier 3.0.x versions.
  • Exploit type: Information Disclosure
  • Reported Date: 2013-March-29
  • Fixed Date: 2013-April-24
  • CVE Number: CVE-2013-3057

Description

Inadequate permission checking allows unauthorised user to see permission settings in some circumstances.

Affected Installs

Joomla! version 2.5.9 and earlier 2.5.x versions; and version 3.0.2 and earlier 3.0.x versions.

Solution

Upgrade to version 2.5.10,  3.1.0 or 3.0.4.

Contact

The JSST at the Joomla! Security Center.

Reported By: Francois Gauthier