Jeff Channell | Joomla Commentator 1.1b3 Admin XSS Vulnerability | Joomla!

Joomla Commentator 1.1b3 Admin XSS Vulnerability

Sunday, 15 November 2009 00:00

Joomla Commentator 1.1b3, a Joomla commenting plugin, suffers from an XSS vulnerability in its "title" field that enables attackers to possibly run scripts as an administrator.

title"/onmouseover="alert(/xss/.source)

Timeline

Vulnerabilites Discovered: 3 November 2009
Vendor Notified: 3 November 2009
Vender Response: ... 2009
Update Available: ... 2009
Disclosure: 15 November 2009

Last Updated on Sunday, 15 November 2009 19:18

Add your comment

Your name:
Comment:

Word verification:

Featured Extensions

JTemplateInfo

$3.00

JMan

FREE

JNoGuest

$5.00

Joonami

$1.00
FREE
You Save: $1.00

Latest Articles

Most Popular

Jeff Channell

Cart

Your Cart is currently empty.

Keywords

mootools . module . fairmont . as3 . flash . release . bbcode . custom . joomla . jmylife . error . exploit . xss . jnoguest . template . extension . linux . jquery . wtf . fix . component . flex . php . css . list . jomsocial . vulnerability . javascript . update . plugin .

Template Info

Name
Circles
Creation Date
06/28/09
Author
Jeff Channell
Author Email
me@jeffchannell.com
Author URL
http://jeffchannell.com
Version
0.0.2
Description
Circles