- Core - Unauthorised Uploads
- Project: Joomla!
- SubProject: All
- Severity: Critical
- Versions: 2.5.13 and earlier 2.5.x versions. 3.1.4 and earlier 3.x versions.
- Exploit type: Unauthorised Uploads
- Reported Date: 2013-June-25
- Fixed Date: 2013-July-31
- CVE Number: Pending
Inadequate filtering leads to the ability to bypass file type upload restrictions.
Joomla! version 2.5.13 and earlier 2.5.x versions; and version 3.1.4 and earlier 3.x versions.
Upgrade to version 2.5.14 or 3.1.5.
The JSST at the Joomla! Security Center.