Joomla "search" Cross-Site Scripting Vulnerability

SECUNIA ADVISORY ID:
SA39964

VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/39964/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=39964

RELEASE DATE:
2010-06-01

DESCRIPTION:
Riyaz Ahemed Walikar has discovered a vulnerability in Joomla, which
can be exploited by malicious people to conduct cross-site scripting
attacks.

Input passed to the "search" parameter in administrator/index.php
(when "option" is set to "com_users", "com_trash", "com_content",
"com_sections", "com_categories", "com_frontpage", "com_messages",
"com_banners", "com_contact", "com_menus" when "task" is set to
"view", "com_newsfeeds", "com_poll", "com_weblinks", "com_modules",
or "com_plugins") is not properly sanitised before being returned to
the user. This can be exploited to execute arbitrary HTML and script
code in a user's browser session in context of an affected site.

SOLUTION:
Update to version 1.5.18 or later.

PROVIDED AND/OR DISCOVERED BY:
Riyaz Ahemed Walikar

ORIGINAL ADVISORY:
http://developer.joomla.org/security/news/314-20100501-core-xss-vulnerabilities-in-back-end.html

RECENT ARTICLE

RECENT POST