News
Vigil@nce: Joomla, several vulnerabilities
July 2009 by Vigil@nce
An attacker can execute JavaScript code in the context of the web site, or obtain internal information on Joomla.
Severity: 2/4
Consequences: client access/rights
Provenance: document
Means of attack: 1 attack
Ability of attacker: technician (2/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Number of vulnerabilities in this bulletin: 3
Creation date: 01/07/2009
Revision date: 03/07/2009
IMPACTED PRODUCTS
Joomla!
DESCRIPTION OF THE VULNERABILITY
Three vulnerabilities were announced in Joomla.
The HTTP_REFERER variable, which contains the Referer header, is not correctly filtered. An attacker can therefore generate a Cross Site Scripting. [grav:2/4; 20090604]
The PHP_SELF variable, which contains a fragment of the requested url, is not correctly filtered. An attacker can therefore generate a Cross Site Scripting. [grav:2/4; 20090605]
Some PHP scripts do not use _JEXEC to limit their access. An attacker can therefore read their contents, in order to obtain information on internal paths. [grav:2/4; 20090606]
CHARACTERISTICS
Identifiers: 20090604, 20090605, 20090606, BID-35544,
VIGILANCE-VUL-8831
Url: http://vigilance.fr/vulnerability/Joomla-several-vulnerabilities-8831
