Sent from my iPhone
Begin forwarded message: > From: "Joomla! Developer Network - Security News" <[email protected]> > Date: March 6, 2012 8:19:57 AM EST > To: [email protected] > Subject: Joomla! Security News > > Joomla! Security News > > [20120302] - Core - XSS Vulnerability > Posted: 05 Mar 2012 06:00 AM PST > Project: Joomla! > SubProject: All > Severity: Moderate > Versions: 2.5.1 and 2.5.0 > Exploit type: XSS Vulnerability > Reported Date: 2012-February-29 > Fixed Date: 2012-March-05 > Description > > Inadequate filtering leads to XSS vulnerability. > > Affected Installs > > Joomla! version 2.5.1 and 2.5.0. > > Solution > > Upgrade to version 2.5.2 > > Reported by Phil Purviance > > Contact > > The JSST at the Joomla! Security Center. > > > > [20120301] - Core - SQL Injection > Posted: 05 Mar 2012 06:00 AM PST > Project: Joomla! > SubProject: All > Severity: High > Versions: 2.5.1, 2.5.0 and 1.7.0 - 1.7.4 > Exploit type: SQL Injection > Reported Date: 2012-February-29 > Fixed Date: 2012-March-05 > Description > > Inadequate escaping leads to SQL injection vulnerability. > > Affected Installs > > Joomla! version 2.5.1, 2.5.0, 1.7.4, and all earlier 1.7.x versions > > Solution > > Upgrade to version 2.5.2 > > Reported by Colin Wong > > Contact > > The JSST at the Joomla! Security Center. > > > > You are subscribed to email updates from Joomla! Developer Network - Security > News > To stop receiving these emails, you may unsubscribe now. Email delivery > powered by Google > Google Inc., 20 West Kinzie, Chicago IL USA 60610
_______________________________________________ New York PHP SIG: Joomla! Mailing List http://lists.nyphp.org/mailman/listinfo/joomla NYPHPCon 2006 Presentations Online http://www.nyphpcon.com Show Your Participation in New York PHP http://www.nyphp.org/show_participation.php
