Rilasciata la versione 1.5.18 di Joomla!
Note di rilascio.
Se sono state apportate modifiche per quanto riguarda l'override del template, preoccuparsi di effettuare un backup prima di procedere con l'upgrade.
Security
High Priority - Core - XSS Vulnerabilities in back end.
Description
Back-end user can inject javascript in various administrator screens.
Affected Installs
All 1.5.x installs prior to and including 1.5.17 are affected.
- Project: Joomla!
- SubProject: All
- Severity: High
- Versions: 1.5.17 and all previous 1.5 releases
- Exploit type: XSS Injection
- Reported Date: 2010-May-13
- Fixed Date: 2010-May-28
Solution
Upgrade to the latest Joomla! version (1.5.18 or later)
Components
- No component issues were fixed for this release.
Modules
- No module issues were fixed for this release.
Plugins
- Revert issue 19859 (Graceful handling of Apache plugin failures) (20424)
Legacy
- No legacy issues were fixed for this release.
Templates
- No Templates issues were fixed for this release.
Language
- No Language issues were fixed for this release.
Administrator
- No Administrator issues were fixed for this release.
System
- No System issues were fixed for this release.
Statistics for the 1.5.18 release period:
- Joomla 1.5.18 contains:
- 1 issues fixed in SVN
- 3 commits
- Tracker activity resulted in a net increase of 21 active issues:
- 29 new reports
- 7 closed
- 1 fixed in SVN
- At the time the 1.5.18 release was packaged, the tracker had 337 active issues:
- 195 open
- 105 confirmed
- 37 pending
| < Prec. | Succ. > |
|---|
