Sunday, 15 November 2009 00:00

Joomla Commentator 1.1b3, a Joomla commenting plugin, suffers from an XSS vulnerability in its "title" field that enables attackers to possibly run scripts as an administrator.

title"/onmouseover="alert(/xss/.source)

Timeline

  • Vulnerabilites Discovered: 3 November 2009
  • Vendor Notified: 3 November 2009
  • Vender Response: ... 2009
  • Update Available: ... 2009
  • Disclosure: 15 November 2009
Last Updated on Sunday, 15 November 2009 19:18
 

Add your comment

Your name:
Comment:
  The word for verification. Lowercase letters only with no spaces.
Word verification:

Featured Extensions

$3.00
FREE
$5.00
$1.00
FREE
You Save: $1.00
Joomla Extensions