• Project: Joomla!
  • SubProject: CMS
  • Severity: Low
  • Versions: 3.0.0 through 3.4.1
  • Exploit type: Open Redirect
  • Reported Date: 2015-April-08
  • Fixed Date: 2015-June-30
  • CVE Number: CVE-2015-5608


Inadequate checking of the return value allowed to redirect to an external page.

Affected Installs

Joomla! CMS versions 3.0.0 through 3.4.1


Upgrade to version 3.4.2


The JSST at the Joomla! Security Centre.

Reported By: Eric Flokstra, Sharath Unni and Steven Sweeting