Latest News

WaterNSW to move on generative AI

Toymaker Hasbro investigates cyber security incident

In Pictures: iTnews Cloud Covered Breakfast Summit in Perth

Anthropic signs deal with federal government

Australia readies social media court action

Joomla! XSS turns users to admins

By SC Australia Staff

Oct 4 2011 12:01PM

Affects versions up to 1.70.

Multiple cross site scripting (XSS) vulnerabilities have been discovered in content management system Joomla!.

Joomla! XSS turns users to admins

The attacks require login and allow users to impersonate administrator functions.

Three vulnerabilities affect core components of Joomla! version 1.70 and below and were found by the Burma-based YEHG hacking group.

The vulnerabilities were patched in Joomla! version 1.71.

One XSS vulnerability, which uses the searchword parameter, was previously reported to Joomla! but was not “completely” fixed, the hacking group said.

More information is available on the websites of YEGH and Joomla!

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:

cms joomla security vulnerabilities xss

Partner Content

AI-driven attacks shrinking response window for security teams, Elastic warns

Partner Content AI-driven attacks shrinking response window for security teams, Elastic warns

Context engineering emerges as ‘next battleground’ for enterprise AI

Partner Content Context engineering emerges as ‘next battleground’ for enterprise AI

AI Goals for 2026: What Every Organisation Should Prioritise

Promoted Content AI Goals for 2026: What Every Organisation Should Prioritise

How Optus brings your mobile-first security strategy to life

Partner Content How Optus brings your mobile-first security strategy to life

Sponsored Whitepapers

5 reasons to adopt a mobile first security strategy

5 reasons to adopt a mobile first security strategy

Uncomplicate IT Service Delivery with AI Agents

Uncomplicate IT Service Delivery with AI Agents

Getting ahead of the tech: what’s next for Australian organisations in digital transformation

Getting ahead of the tech: what’s next for Australian organisations in digital transformation

Fintech compliance made fast and secure

Fintech compliance made fast and secure

How to evaluate SIEM solutions Safeguarding your future Get a demo Download guide

How to evaluate SIEM solutions Safeguarding your future Get a demo Download guide

Events

Most Read Articles

Supply chain attack hits 100 million-download Axios npm package

Supply chain attack hits 100 million-download Axios npm package

NAB is co-designing a SIEM with Databricks

NAB is co-designing a SIEM with Databricks

APRA pulls data submission system after security pentest

APRA pulls data submission system after security pentest

Gov proposes disclosure delay for most serious cyberattacks

Gov proposes disclosure delay for most serious cyberattacks

Sydney-based AI-cloud waste startup raises $3m

Sydney-based AI-cloud waste startup raises $3m

Brennan uses NiCE to modernise its contact centre

Brennan uses NiCE to modernise its contact centre

Impact Awards: Tecala slashes customer response times for fintech IQumulate

Impact Awards: Tecala slashes customer response times for fintech IQumulate

Interactive introduces private cloud platform

Interactive introduces private cloud platform

Digital61 expands cybersecurity portfolio

Digital61 expands cybersecurity portfolio

Most popular tech stories