joomla
Page content
- Author: vmiklos
- Vulnerable: 1.0.12-2terminus1
- Unaffected: 1.0.13-1terminus1
Some vulnerabilities have been reported in Joomla!, which can be exploited by malicious people to conduct session fixation attacks, cross-site scripting attacks or HTTP response splitting attacks.
- Certain unspecified input passed in com_search, com_content and mod_login is not properly sanitised before being returned to a user. This can be exploited to execute arbitrary HTML and script code in a user’s browser session in context of an affected site.
- Input passed to the “url” parameter is not properly sanitised before being returned to the user. This can be exploited to insert arbitrary HTTP headers, which will be included in a response sent to the user, allowing for execution of arbitrary HTML and script code in a user’s browser session in context of an affected site.
- An error exists in the handling of sessions and can be exploited to hijack another user’s session by tricking the user into logging in after following a specially crafted link.
- Bug Tracker URL: http://bugs.frugalware.org/task/2290
CVEs:
- No CVE for this issue, see: http://www.joomla.org/content/view/3677/1/