- Project: Joomla!
- SubProject: All
- Severity: High
- Versions: 1.5.24 and all earlier 1.5 versions
- Exploit type: Password Change
- Reported Date: 2011-October-28
- Fixed Date: 2011-November-14
Weak random number generation during password reset leads to possibility of changing a user's password.
Joomla! version 1.5.24 and all earlier 1.5 versions
Upgrade to the latest Joomla! 1.5 version (1.5.25 or later)
The JSST at the Joomla! Security Centre.