- Project: Joomla!
- SubProject: CMS
- Severity: High
- Versions: 1.5.0 through 3.4.5
- Exploit type: Remote Code Execution
- Reported Date: 2015-December-13
- Fixed Date: 2015-December-14
- CVE Numbers: CVE-2015-8562
Browser information is not filtered properly while saving the session values into the database which leads to a Remote Code Execution vulnerability.
Joomla! CMS versions 1.5.0 through 3.4.5
Upgrade to version 3.4.6
The JSST at the Joomla! Security Centre.
Reported By: Uwe Flottemensch