- Project: Joomla!
- SubProject: All
- Severity: High
- Versions: 1.5.25 and all earlier 1.5.x versions
- Exploit type: Password Change
- Reported Date: 2012-March-8
- Fixed Date: 2012-March-27
Insufficient randomness leads to password reset vulnerability.
Joomla! versions 1.5.25 and all earlier 1.5.x versions
Upgrade to version 1.5.26
The JSST at the Joomla! Security Centre.
Reported By: George Argyros and Aggelos Kiayias