- Core - Frontend XSS - HTTP_REFERER not properly filtered
- Project: Joomla!
- SubProject: Site client
- Severity: Moderate
- Versions: 1.5.11 and all previous 1.5 releases
- Exploit type: XSS
- Reported Date: 2009-June-30
- Fixed Date: 2009-June-30
All 1.5.x installs prior to and including 1.5.11 are affected.
Upgrade to latest Joomla! version (1.5.12 or newer).
Reported by Juan Galiana Lara (Internet Security Auditors)
The JSST at the Joomla! Security Center.