Joomla! Developer Network

  • Project: Joomla!
  • SubProject: All
  • Severity: Low
  • Versions: 3.0.2 and earlier 3.0.x versions; version 2.5.8 and earlier 2.5.x versions.
  • Exploit type: Information disclosure
  • Reported Date: 2012-October-31
  • Fixed Date: 2013-February-4
  • CVE Number: CVE-2013-1453

Description

Method of encoding search terms led to possible information disclosure.

Affected Installs

Joomla! version 3.0.2 and earlier 3.0.x versions; version 2.5.8 and earlier 2.5.x versions.

Solution

Upgrade to version 3.0.3 or 2.5.9.

Reported by Egidio Romano

Contact

The JSST at the Joomla! Security Center.

LTS Release

STS Release

Note: View known compatibility Issues

Current Release: 1.1.0

Upcoming Release: 1.2

Joomla! Reading

Joomla! Programming

Joomla! Programming

Mark Dexter & Louis Landry
Joomla! Templates

Joomla! Templates

Angie Radtke