Joomla!®
Welcome to Joomla!

Joomla! is an award-winning open source CMS for building powerful websites.

Recent Joomla! News
Support Joomla!
- Shop Joomla! Gear
- Contribution
About
What Is Joomla?

Joomla is an award-winning content management system (CMS), which enables you to build Web sites and powerful online applications.
Read more...

Joomla! for Business

Joomla! is a extremely customizable and adaptable for Enterprise, SMBs, NPOs and beyond. Read more...

Joomla! for Developers

No matter what level of experience you hold, Joomla! has strengths to match; programmers, designers and end users alike!Read more...

Learn more about Joomla!
- The Software
- The Project
- The Leadership
- Open Source Matters
Community & Support
Connect!
Support!
Read!
Get involved with Joomla!

Joomla is an open source project and contributions from the community are essential to its growth and success. Anyone can contribute on any level, even newcomers can contribute to Joomla. Read more...
Extend
Directories
Developers
Download
Download Joomla! 2.5
- 2.5 Full Package
- Update Packages
- Demo Joomla! 2.5
Download Joomla! 1.5
- 1.5 Full Package
- Update Packages
- Demo Joomla! 1.5
Getting Started with Joomla!
Internationalization
Internationalization
Search...

The Joomla! Developer Network ™

Security News

[20081102] - Core - com_weblinks XSS vulnerability

Project: Joomla!
SubProject: com_weblinks
Severity:moderate
Versions: 1.5.7 and all previous 1.5 releases
Exploit type: XSS
Reported Date: 2008-November-9
Fixed Date: 2008-November-10

Description

com_weblinks allows raw HTML into the title and description tags for weblink submissions (from both the administrator and site submission forms).

Affected Installs

All 1.5.x installs prior to and including 1.5.7 are affected.

Solution

Upgrade to latest Joomla! version (1.5.8 or newer).

Reported By Gergo Erdosi

Contact

The JSST at the Joomla! Security Center.

Resources

Development News

Support Joomla!