
Multiple vulnerabilities in Joomla!
Vulnerability: Multiple vulnerabilities in Joomla!
Danger: Low
Patch: Yes
Number of vulnerabilities: 1
CVE ID: CVE-2012-5827
Vector of operation: Remote
Impact: Cross Site Scripting
Security Bypass
Affected products: Joomla! 2.x
Affected versions: Joomla! 2.5.7 possibly earlier.
Description:
The vulnerability allows malicious people to conduct XSS attacks.
The vulnerability is caused due to the lack of authentication of HTTP requests when you perform some action. A remote user can perform CSRF attack.
Manufacturer URL: http://www.joomla.org/
Solution: Install the latest version 2.5.8 from the manufacturer.
links:
http://developer.joomla.org/security/news/544-20121102-core-clickjacking.html