- Core - com_mailto Timeout Issue
- Project: Joomla!
- SubProject: com_mailto
- Severity: Low
- Versions: 1.5.13 and all previous 1.5 releases
- Exploit type: Email
- Reported Date: 2009-July-28
- Fixed Date: 2009-July-30
In com_mailto, it was possible to bypass timeout protection against sending automated emails.
All 1.5.x installs prior to and including 1.5.13 are affected.
Upgrade to latest Joomla! version (1.5.14 or newer).
Reported by WHK and Gergő Erdősi
The JSST at the Joomla! Security Center.