- Core - Frontend XSS - PHP_SELF not properly filtered
- Project: Joomla!
- SubProject: Site client
- Severity: Moderate
- Versions: 1.5.11 and all previous 1.5 releases
- Exploit type: XSS
- Reported Date: 2009-June-03
- Fixed Date: 2009-June-30
All 1.5.x installs prior to and including 1.5.11 are affected.
Upgrade to latest Joomla! version (1.5.12 or newer).
Reported By Paul Boekholt (Byte Internet)
The JSST at the Joomla! Security Center.