Joomla version 3.2.2 suffers from a persistent cross site scripting vulnerability, The issue was reported to the Joomla! Security Center on February 6, 2014. The cross site scripting (XSS) vulnerability affects variants 2.5.18 and earlier 2.5.x versions, and 3.2.2 and earlier 3.x versions.The unauthorized logins bug refers to inadequate checking that could have been exploited via Gmail authentication.
The affected versions are 2.5.18 and earlier 2.5.x, and 3.2.2 and earlier 3.x releases. The vulnerability was reported on February 21, 2014. CVE identifiers are pending for all the fixed security holes.
I would suggest's Joomla users update their installations immediately. You may download the latest version Joomla.
On 7th March 2014, Joomla released a new version of Advanced Module Manager
- Fixed issue with php warning about strpos() in some cases
- JOOMLA 3.x Fixed issue with ACL not working correctly (assets table)
- JOOMLA 3.x Fixed issue with SQL error on saving on some setups
- JOOMLA 3.x Fixed issue with error about DateTime on some J3.2.3 setups
No comments:
Post a Comment