Subscribe to Joomla! Security Announcements - Click Here

Wed

03

Jun

2009

[20090602] - Core - ja_purity XSS
Wednesday, 03 June 2009 05:56
  • Project: Joomla!
  • SubProject: ja_purity
  • Severity: Moderate
  • Versions: 1.5.10 and all previous 1.5 releases
  • Exploit type: XSS
  • Reported Date: 2009-April-06
  • Fixed Date: 2009-June-02

Description

A XSS vulnerability exists in the JA_Purity template which ships with Joomla! 1.5.

Affected Installs

All 1.5.x installs prior to and including 1.5.10 are affected.

Solution

Upgrade to latest Joomla! version (1.5.11 or newer).

Reported by Juan Galiana Lara.

Contact

The JSST at the Joomla! Security Center.
Last Updated on Wednesday, 03 June 2009 05:56