Vigil@nce: Joomla, two Cross Site Scripting
October 2012 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can generate two Cross Site Scripting in Joomla, in
order to execute JavaScript code in the context of the web site.
– Impacted products: Joomla
– Severity: 2/4
– Creation date: 14/09/2012
DESCRIPTION OF THE VULNERABILITY
Two vulnerabilities were announced in Joomla.
An attacker can generate a Cross Site Scripting. [severity:2/4;
20120901]
An attacker can generate a Cross Site Scripting in the language
switcher module. [severity:2/4; 20120902]
An attacker can therefore generate two Cross Site Scripting in
Joomla, in order to execute JavaScript code in the context of the
web site.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Joomla-two-Cross-Site-Scripting-11950