Joomla! Cross-Site Scripting and Cross-Site Request Forgery

SECUNIA ADVISORY ID:
SA34551

VERIFY ADVISORY:
http://secunia.com/advisories/34551/

DESCRIPTION:
Some vulnerabilities have been reported in Joomla!, which can be
exploited by malicious people to conduct cross-site scripting and
cross-site request forgery attacks.

1) Unspecified input related to the category view of the
"com_content" component is not properly sanitised before being
returned to the user. This can be exploited to execute arbitrary HTML
and script code in a user's browser session in the context of an
affected site.

2) Unspecified input related to the "com_admin" and "com_search"
components is not properly sanitised before being returned to the
user. This can be exploited to execute arbitrary HTML and script code
in a user's browser session in the context of an affected site.

3) The "com_media" component allows users to perform certain actions
via HTTP request without performing any validity checks to verify the
requests. This can be exploited to perform unspecified actions, e.g.
when a logged-in administrative user visits a malicious web site.

The vulnerabilities are reported in version 1.5.9. Prior versions may
also be affected.
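As an added illustration (not Joomla's own code and not part of the advisory), the plain PHP below shows the two patterns behind the reported issues, each beside a hardened form: a state-changing action accepted without any request validation (item 3) and user input echoed back into HTML unescaped (items 1 and 2). The function names and the "token" field are assumptions; the Joomla 1.5 equivalents are named in the comments.

```php
<?php
// Added example, not Joomla code. Runs stand-alone with the session
// backed by PHP's default handler (Joomla 1.5 uses JSession instead).
declare(strict_types=1);
session_start();

/** Per-session anti-CSRF token, created on first use. */
function csrf_token(): string {
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

/** Hidden field every state-changing form must carry
 *  (Joomla 1.5: JHTML::_('form.token')). */
function csrf_field(): string {
    return '<input type="hidden" name="token" value="' . csrf_token() . '" />';
}

/** True only if the submitted token matches the session token
 *  (Joomla 1.5: JRequest::checkToken()). hash_equals avoids timing leaks. */
function csrf_check(array $post): bool {
    $sent = $post['token'] ?? '';
    return is_string($sent) && hash_equals(csrf_token(), $sent);
}

/** Escape a value before echoing it into HTML (what items 1 and 2 lacked). */
function h(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Vulnerable pattern (item 3): the action runs on any request that names a
// file, so a form on a third-party site can trigger it in an admin's session.
// It also reflects the input unescaped (items 1 and 2).
function delete_file_unchecked(array $request): string {
    return 'deleted ' . $request['file'];
}

// Hardened pattern: POST only, token verified, output escaped
// (Joomla 1.5 idiom: JRequest::checkToken() or jexit('Invalid Token');).
function delete_file_checked(array $request, string $method): string {
    if ($method !== 'POST' || !csrf_check($request)) {
        return 'Invalid token';
    }
    return 'deleted ' . h($request['file']);
}

// Constructed requests: the cross-site post has no token, the legitimate one does.
$forged = ['file' => '<script>alert(1)</script>'];
$legit  = ['file' => 'photo.jpg', 'token' => csrf_token()];
var_dump(delete_file_checked($forged, 'POST'), delete_file_checked($legit, 'POST'));
```

A check like csrf_check() only helps if the token is tied to the session and compared on every state-changing request; escaping on output, as in h(), must be applied wherever user-controlled data is written into a page.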

SOLUTION:
Update to version 1.5.10.

PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.

ORIGINAL ADVISORY:
http://developer.joomla.org/security/news/294-20090302-core-comcontent-xss.html
http://developer.joomla.org/security/news/293-20090301-core-multiple-xsscsrf.html
