jeffchannell.com

Joomla Commentator 1.1b3 Admin XSS Vulnerability

Posted in Joomla!
2009-11-15 05:00:00 +0000 UTC

Joomla Commentator 1.1b3, a Joomla commenting plugin, has an XSS vulnerability in its "title" field that may let an attacker run scripts as an administrator.

title"/onmouseover="alert(/xss/.source)
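
The following is an added example, not code from the original advisory or from Commentator. It assumes the title is echoed into a double-quoted HTML attribute (the plugin's own template is not shown on this page) and renders the published value three ways to show which output handling keeps it inside the attribute. All function and constant names are hypothetical.

```php
<?php
// Added illustration: these render functions are hypothetical and are not
// taken from Commentator. Assumption: the title is echoed into a
// double-quoted HTML attribute.

const FIELD_OPEN  = '<input type="text" name="title" value="';
const FIELD_CLOSE = '" />';

// Vulnerable pattern: the value reaches the attribute unchanged.
function renderRaw(string $title): string
{
    return FIELD_OPEN . $title . FIELD_CLOSE;
}

// Tag stripping alone: the advisory's value has no "<" or ">", so
// strip_tags() has nothing to remove and returns it unchanged.
function renderTagStripped(string $title): string
{
    return FIELD_OPEN . strip_tags($title) . FIELD_CLOSE;
}

// Hardened pattern: encode for the attribute context at output time.
function renderEncoded(string $title): string
{
    $safe = htmlspecialchars($title, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return FIELD_OPEN . $safe . FIELD_CLOSE;
}

// True when the rendered value still holds a literal double quote, meaning
// the browser ends the attribute early and parses the remainder as markup.
function breaksOutOfAttribute(string $rendered): bool
{
    $value = substr($rendered, strlen(FIELD_OPEN), -strlen(FIELD_CLOSE));
    return strpos($value, '"') !== false;
}

// The title value published in this advisory.
$title = 'title"/onmouseover="alert(/xss/.source)';

foreach (['renderRaw', 'renderTagStripped', 'renderEncoded'] as $render) {
    $html = $render($title);
    printf("%-18s %s\n  %s\n", $render,
        breaksOutOfAttribute($html) ? 'attribute breakout' : 'contained', $html);
}
```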

Timeline