Bug 113574 - www-apps/joomla SQL Injection and Cross-Site Scripting Vulnerabilities
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High normal
Assignee: Gentoo Security
URL: http://secunia.com/advisories/17675/
Whiteboard: ~4 [noglsa] jaervosz
Keywords:
Depends on:
Blocks:
 
Reported: 2005-11-25 11:23 UTC by Peter
Modified: 2005-11-27 09:55 UTC

See Also:
Package list:
Runtime testing required: ---


Description Peter 2005-11-25 11:23:17 UTC
http://developer.joomla.org/sf/frs/do/viewRelease/projects.joomla/frs.joomla_1_0.1_0_4

Reproducible: Always
Comment 1 Jakub Moc (RETIRED) gentoo-dev 2005-11-25 11:54:24 UTC
Joomla! SQL Injection and Cross-Site Scripting Vulnerabilities

Secunia Advisory: SA17675
Release Date: 2005-11-22

Critical: Moderately critical
Impact: Cross Site Scripting, Manipulation of data
Where: From remote
Solution Status: Vendor Patch

Software: Joomla! 1.x

Description:
Some vulnerabilities have been reported in Joomla!, which can be exploited by
malicious people to conduct SQL injection or cross-site scripting attacks.

1) Certain unspecified input is not properly sanitised before being returned to
the user. This can be exploited to execute arbitrary HTML and script code in a
user's browser session in context of a vulnerable site.

2) Input passed to the "Itemid" parameter in the "mod_poll" module is not
sanitised properly before being used in a SQL query. This can potentially be
exploited to manipulate SQL queries by injecting arbitrary SQL code.

3) Certain unspecified input passed to several methods in the "mosDBTable" class
is not sanitised properly before being used in a SQL query. This can potentially
be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Note: An error that potentially allows the misuse of the Media component file
management functions has also been fixed.

Solution:
Update to version 1.0.4.
http://developer.joomla.org/sf/go/projects.joomla/frs.joomla_1_0
Comment 2 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-11-25 12:59:01 UTC
web-apps please provide an updated ebuild. 
Comment 3 Renat Lumpau (RETIRED) gentoo-dev 2005-11-27 06:36:39 UTC
In CVS, unstable on all arches.
Comment 4 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-11-27 09:55:07 UTC
Thx Renat. Since this was ~ on all arches I'll close with NO GLSA.