- Project: Joomla!
- SubProject: All
- Severity: Moderate
- Versions: 1.5.15 and all previous 1.5 releases
- Exploit type: Session fixation
- Reported Date: 2010-Mar-25
- Fixed Date: 2010-Apr-23
Session id doesn't get modified when user logs in. A remote site may be able to forward a visitor to the Joomla! site and set a specific cookie. If the user then logs in, the remote site can use that cookie to authenticate as that user.
All 1.5.x installs prior to and including 1.5.15 are affected.
Upgrade to the latest Joomla! version (1.5.16 or later)
Reported by Raúl Siles and Steven Pignataro