
Das Joomla Security Team meldet für heute gleich 4 Sicherheitsprobleme in den Versionen 3.1 und 2.5. Alle Lücken können durch aktuelle Updates gefixt werden. Daher sollte jeder seine Joomla-Webseite schnellst möglich aktualisieren.
[20140301] – Core – SQL Injection
Posted: 06 Mar 2014 12:30 PM PST Project: Joomla! SubProject: CMS Severity: <High Versions: 3.1.0 through 3.2.2 Exploit type: SQL Injection Reported Date: 2014-February-06 Fixed Date: 2014-March-06 CVE Number: Pending Description Inadequate escaping leads to SQL injection vulnerability. Affected Installs: Joomla! CMS versions 3.1.0 through 3.2.2 Solution Upgrade to version 3.2.3 Reported By: ??
[20140302] – Core – XSS Vulnerability
</pre> Posted: 06 Mar 2014 12:30 PM PST Project: Joomla! SubProject: CMS Severity: Moderate Versions: 3.1.2 through 3.2.2 Exploit type: XSS Vulnerability Reported Date: 2014-March-04 Fixed Date: 2014-March-06 CVE Number: Pending <strong>Description </strong>Inadequate escaping leads to XSS vulnerability in com_contact. Affected Installs Joomla! CMS versions 3.1.2 through 3.2.2 <strong>Solution </strong>Upgrade to version 3.2.3
[20140303] – Core – XSS Vulnerability
Posted: 06 Mar 2014 12:30 PM PST Project: Joomla! SubProject: CMS Severity: Moderate Versions: 2.5.18 and earlier 2.5.x versions, 3.2.2 and earlier 3.x versions Exploit type: XSS Vulnerability Reported Date: 2014-March-05 Fixed Date: 2014-March-06 CVE Number: Pending Description Inadequate escaping leads to XSS vulnerability. Affected Installs Joomla! CMS versions 2.5.18 and earlier 2.5.x versions, 3.2.2 and earlier 3.x versions Solution Upgrade to version 2.5.19 or 3.2.3 Reported By: JSST
[20140304] – Core – Unauthorised Logins
Posted: 06 Mar 2014 12:30 PM PST Project: Joomla! SubProject: CMS Severity: Moderate Versions: 2.5.18 and earlier 2.5.x versions, 3.2.2 and earlier 3.x versions Exploit type: Unauthorised Logins Reported Date: 2014-February-21 Fixed Date: 2014-March-06 CVE Number: Pending Description Inadequate checking allowed unauthorised logins via GMail authentication. Affected Installs Joomla! CMS versions 2.5.18 and earlier 2.5.x versions, 3.2.2 and earlier 3.x versions Solution Upgrade to version 2.5.19 or 3.2.3