Mise à jour de sécurité Joomla 2.5.2

Pensez à mettre à jour votre site :

Security News

[20120301] - Core - SQL Injection

  • Project: Joomla!
  • SubProject: All
  • Severity: High
  • Versions: 2.5.1, 2.5.0 and 1.7.0 - 1.7.5
  • Exploit type: SQL Injection
  • Reported Date: 2012-February-29
  • Fixed Date: 2012-March-05

Description

Inadequate escaping leads to SQL injection vulnerability.

Affected Installs

Joomla! version 2.5.1, 2.5.0, 1.7.4, and all earlier 1.7.x versions

Solution

Upgrade to version 2.5.2

Reported by Colin Wong

Contact

The JSST at the Joomla! Security Center.


  Security News

[20120302] - Core - XSS Vulnerability

  • Project: Joomla!
  • SubProject: All
  • Severity: Moderate
  • Versions: 2.5.1 and 2.5.0
  • Exploit type: XSS Vulnerability
  • Reported Date: 2012-February-29
  • Fixed Date: 2012-March-05

Description

Inadequate filtering leads to XSS vulnerability.

Affected Installs

Joomla! version 2.5.1 and 2.5.0.

Solution

Upgrade to version 2.5.2

Reported by Phil Purviance

Contact

The JSST at the Joomla! Security Center.

Lire la suite
0
  3873 lectures

joomla-conseil.com n'est ni affilié à Open Source Matters ou au projet Joomla!® ni approuvé par eux. Le nom Joomla! et le logo sont utilisé sous licence limitée accordée par Open Source Matters, propriétaire de la marque aux États-Unis et autres pays. joomla-conseil.com is not affiliated with or endorsed by The Joomla! Project™. Use of the Joomla!® name, symbol, logo and related trademarks is permitted under a limited license granted by Open Source Matters, Inc.