Latest News

LEO satellite operators could be beyond Australian data laws

iTnews Executive Retreats: Navigating Leadership in the Age of Data and AI

Macquarie University appoints interim AI chief

Britain pilots social media bans, time limits and curfews for children

OpenAI drops AI video tool Sora

Joomla! XSS turns users to admins

By SC Australia Staff

Oct 4 2011 12:01PM

Affects versions up to 1.70.

Multiple cross site scripting (XSS) vulnerabilities have been discovered in content management system Joomla!.

Joomla! XSS turns users to admins

The attacks require login and allow users to impersonate administrator functions.

Three vulnerabilities affect core components of Joomla! version 1.70 and below and were found by the Burma-based YEHG hacking group.

The vulnerabilities were patched in Joomla! version 1.71.

One XSS vulnerability, which uses the searchword parameter, was previously reported to Joomla! but was not “completely” fixed, the hacking group said.

More information is available on the websites of YEGH and Joomla!

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:

cms joomla security vulnerabilities xss

Partner Content

AI-driven attacks shrinking response window for security teams, Elastic warns

Partner Content AI-driven attacks shrinking response window for security teams, Elastic warns

From Faster Coding to Accelerated Innovation Cycles: How Intelligent Orchestration Unlocks AI's Promise

Promoted Content From Faster Coding to Accelerated Innovation Cycles: How Intelligent Orchestration Unlocks AI's Promise

Re(AI)magining Melbourne: Persistent accelerates Australia’s enterprise AI momentum

Promoted Content Re(AI)magining Melbourne: Persistent accelerates Australia’s enterprise AI momentum

How digital pharmacy platforms are redefining healthcare in Australia

Promoted Content How digital pharmacy platforms are redefining healthcare in Australia

Sponsored Whitepapers

5 reasons to adopt a mobile first security strategy

5 reasons to adopt a mobile first security strategy

Uncomplicate IT Service Delivery with AI Agents

Uncomplicate IT Service Delivery with AI Agents

Getting ahead of the tech: what’s next for Australian organisations in digital transformation

Getting ahead of the tech: what’s next for Australian organisations in digital transformation

Fintech compliance made fast and secure

Fintech compliance made fast and secure

How to evaluate SIEM solutions Safeguarding your future Get a demo Download guide

How to evaluate SIEM solutions Safeguarding your future Get a demo Download guide

Events

Most Read Articles

Australia's critical infrastructure security laws "toothless"

Australia's critical infrastructure security laws "toothless"

CBA builds two AI agents to boost cyber defences

CBA builds two AI agents to boost cyber defences

"CanisterWorm" supply chain malware attacks npm

"CanisterWorm" supply chain malware attacks npm

US regulator bans imports of new foreign-made routers

US regulator bans imports of new foreign-made routers

Sydney-based AI-cloud waste startup raises $3m

Sydney-based AI-cloud waste startup raises $3m

Brennan uses NiCE to modernise its contact centre

Brennan uses NiCE to modernise its contact centre

Impact Awards: Tecala slashes customer response times for fintech IQumulate

Impact Awards: Tecala slashes customer response times for fintech IQumulate

Interactive introduces private cloud platform

Interactive introduces private cloud platform

Digital61 expands cybersecurity portfolio

Digital61 expands cybersecurity portfolio

Most popular tech stories