Latest News

CBA sets up dedicated AI risk committee for governance

ANZ deploys Agentforce to supercharge new CRM system

iTnews Executive Retreats: Creating Space for Leadership Conversations that Matter

Transport for NSW lands two NBN Co data leaders

NFL-Super Bowl prepares for potential AI cyber security threat

Joomla! XSS turns users to admins

By SC Australia Staff

Oct 4 2011 12:01PM

Affects versions up to 1.70.

Multiple cross site scripting (XSS) vulnerabilities have been discovered in content management system Joomla!.

Joomla! XSS turns users to admins

The attacks require login and allow users to impersonate administrator functions.

Three vulnerabilities affect core components of Joomla! version 1.70 and below and were found by the Burma-based YEHG hacking group.

The vulnerabilities were patched in Joomla! version 1.71.

One XSS vulnerability, which uses the searchword parameter, was previously reported to Joomla! but was not “completely” fixed, the hacking group said.

More information is available on the websites of YEGH and Joomla!

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:

cms joomla security vulnerabilities xss

Partner Content

ctrl:cyber strengthens sovereign cyber capability with elevenM acquisition

Promoted Content ctrl:cyber strengthens sovereign cyber capability with elevenM acquisition

Local Technology Infrastructure Is Key to Australia’s Artificial Intelligence-Enabled Future

Promoted Content Local Technology Infrastructure Is Key to Australia’s Artificial Intelligence-Enabled Future

Identity at the Centre: Why AI Is Accelerating a New Security Imperative

Partner Content Identity at the Centre: Why AI Is Accelerating a New Security Imperative

Empowering Sustainability: Schneider Electric's Commitment to Driving Customer Success

Partner Content Empowering Sustainability: Schneider Electric's Commitment to Driving Customer Success

Sponsored Whitepapers

Uncomplicate IT Service Delivery with AI Agents

Uncomplicate IT Service Delivery with AI Agents

Getting ahead of the tech: what’s next for Australian organisations in digital transformation

Getting ahead of the tech: what’s next for Australian organisations in digital transformation

Fintech compliance made fast and secure

Fintech compliance made fast and secure

How to evaluate SIEM solutions Safeguarding your future Get a demo Download guide

How to evaluate SIEM solutions Safeguarding your future Get a demo Download guide

2025 Security operations insights: Three-quarters of security leaders need something new in SIEM

2025 Security operations insights: Three-quarters of security leaders need something new in SIEM

Events

Most Read Articles

Popular text editor Notepad++ was hacked to drop malware

Popular text editor Notepad++ was hacked to drop malware

NSW to overhaul state cyber emergency plan

NSW to overhaul state cyber emergency plan

'Moltbook' social media site for AI agents had big security hole

'Moltbook' social media site for AI agents had big security hole

Google busts giant IPIDEA residential proxy network

Google busts giant IPIDEA residential proxy network

Sydney-based AI-cloud waste startup raises $3m

Sydney-based AI-cloud waste startup raises $3m

Brennan uses NiCE to modernise its contact centre

Brennan uses NiCE to modernise its contact centre

Impact Awards: Tecala slashes customer response times for fintech IQumulate

Impact Awards: Tecala slashes customer response times for fintech IQumulate

Interactive introduces private cloud platform

Interactive introduces private cloud platform

Digital61 expands cybersecurity portfolio

Digital61 expands cybersecurity portfolio

Most popular tech stories