Jeff Channell | Joomla Commentator 1.1b3 Admin XSS Vulnerability | Joomla!

Joomla Commentator 1.1b3 Admin XSS Vulnerability

Sunday, 15 November 2009 00:00

Joomla Commentator 1.1b3, a Joomla commenting plugin, suffers from an XSS vulnerability in its "title" field that enables attackers to possibly run scripts as an administrator.

title"/onmouseover="alert(/xss/.source)

Timeline

Vulnerabilities Discovered: 3 November 2009
Vendor Notified: 3 November 2009
Vendor Response: ... 2009
Update Available: ... 2009
Disclosure: 15 November 2009

Last Updated on Thursday, 30 September 2010 17:35

Add your comment

Your name:
Comment:

Word verification:

Featured Extensions

JMan

FREE

UnDebug

$10.00
FREE
You Save: $10.00

JTemplateInfo

$3.00
FREE
You Save: $3.00

JoomFav

$3.00
FREE
You Save: $3.00

Latest Articles

Joomla! Remember Me Cookie Encryption Issues
Joomla! TinyMCE DOS
Joomla! 1.6.0 Multiple Minor Vulnerabilities
Joomla! JFilterInput XSS Bypass
JMyLife 1.0.16 Released

Most Popular

AS3 trim()
EasyBook 2.0.0rc4 Multiple XSS Vulnerabilities
Lyften Bloggie SQL Injection Fix
AJAX Loader Animation in Flex
Dirty Mednafen GUI

The Joomla!® name is used under a limited license from Open Source Matters in the United States and other countries. Jeff Channell is not affiliated with or endorsed by Open Source Matters or the Joomla!® Project.

Timeline

Add your comment

Featured Extensions

Latest Articles

Most Popular

Cart

Keywords

Template Info