Vigil@nce: Joomla, three vulnerabilities
October 2011 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can use several Joomla vulnerabilities, in order to
obtain information or to create a Cross Site Scripting.
– Severity: 2/4
– Creation date: 27/09/2011
IMPACTED PRODUCTS
– Joomla!
DESCRIPTION OF THE VULNERABILITY
Several vulnerabilities were announced in Joomla.
An attacker can generate a Cross Site Scripting in com_search.
[severity:2/4; BID-49855, CVE-2011-3595]
An attacker can generate a Cross Site Scripting in the Back End.
[severity:2/4]
An attacker can generate an error, in order to obtain information.
[severity:2/4]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Joomla-three-vulnerabilities-11016