Jeff Channell | Rapid Forum XSS Vulnerability | Joomla!

Thursday, 17 September 2009 00:00

The Joomla component Rapid Forum suffers from a persistent XSS vulnerability.

This vulnerability is pretty easy to exploit, as Rapid Forum does absolutely no validation or encoding whatsoever.

<script>alert(document.cookie)</script>

Timeline

Vulnerabilities Discovered: 31 July 2009
Vendor Notified: 31 July 2009
Vendor Response: ... 2009
Update Available: ... 2009
Disclosure: 17 September 2009

Last Updated on Thursday, 30 September 2010 17:38

Add your comment

Your name:
Comment:

Word verification:

Featured Extensions

JTemplateInfo

$3.00
FREE
You Save: $3.00

JMyLife

$25.00

JoomFav

$3.00
FREE
You Save: $3.00

JMan

FREE

Latest Articles

Joomla! Remember Me Cookie Encryption Issues
Joomla! TinyMCE DOS
Joomla! 1.6.0 Multiple Minor Vulnerabilities
Joomla! JFilterInput XSS Bypass
JMyLife 1.0.16 Released

Most Popular

AS3 trim()
EasyBook 2.0.0rc4 Multiple XSS Vulnerabilities
Lyften Bloggie SQL Injection Fix
AJAX Loader Animation in Flex
Dirty Mednafen GUI

The Joomla!® name is used under a limited license from Open Source Matters in the United States and other countries. Jeff Channell is not affiliated with or endorsed by Open Source Matters or the Joomla!® Project.

Timeline

Add your comment

Featured Extensions

Latest Articles

Most Popular

Cart

Keywords

Template Info