• Project: Joomla!
  • SubProject: All
  • Severity: Medium
  • Versions: 1.7.0 and all 1.6.x versions
  • Exploit type: XSS
  • Reported Date: 2011-August-02
  • Fixed Date: 2011-September-22


Inadequate escaping leads to XSS vulnerability in back end.

Affected Installs

Joomla! version 1.7.0 and all 1.6.x versions


Upgrade to the latest Joomla! version (1.7.1 or later)


The JSST at the Joomla! Security Centre.

Reported By: Aung Khant