- Project: Joomla!
- SubProject: CMS
- Severity: Low
- Versions: 3.0.0 through 3.4.1
- Exploit type: Open Redirect
- Reported Date: 2015-April-08
- Fixed Date: 2015-June-30
- CVE Number: CVE-2015-5608
Description
Inadequate checking of the return value allowed to redirect to an external page.
Affected Installs
Joomla! CMS versions 3.0.0 through 3.4.1
Solution
Upgrade to version 3.4.2
Contact
The JSST at the Joomla! Security Centre.
Reported By: Eric Flokstra, Sharath Unni and Steven Sweeting