• Project: Joomla!
  • SubProject: All
  • Severity: Medium
  • Versions: 1.7.0 and all 1.6.x versions
  • Exploit type: XSS
  • Reported Date: 2011-August-02
  • Fixed Date: 2011-September-22


Inadequate escaping leads to XSS vulnerability in com_search.

Affected Installs

Joomla! version 1.7.0 and all 1.6.x versions


Upgrade to the latest Joomla! version (1.7.1 or later)


The JSST at the Joomla! Security Centre.

Reported By: Aung Khant