- Project: Joomla! Framework
- SubProject: Session
- Severity: High
- Versions: 1.0.0 through 1.3.0
- Exploit type: Remote Code Execution
- Reported Date: 2015-December-13
- Fixed Date: 2015-December-14
- CVE Number: CVE-2015-8566
Browser information is not filtered properly while saving the session values which leads to a Remote Code Execution vulnerability.
Joomla! Framework Session package versions 1.0.0 through 1.3.0
Upgrade to version 1.3.1
The JSST at the Joomla! Security Centre.