CVE-2011-3747 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3747): Joomla! 1.6.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by libraries/phpmailer/language/phpmailer.lang-joomla.php.
CVE-2011-2710 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2710): Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the URI to includes/application.php, reachable through index.php; and, when Internet Explorer or Konqueror is used, (2) allow remote attackers to inject arbitrary web script or HTML via the searchword parameter in a search action to index.php in the com_search component. NOTE: vector 2 exists because of an incomplete fix for CVE-2011-2509.5.
CVE-2011-2509 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2509): Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.6.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the com_contact component, as demonstrated by the Itemid parameter to index.php; (2) the query string to the com_content component, as demonstrated by the filter_order parameter to index.php; (3) the query string to the com_newsfeeds component, as demonstrated by an arbitrary parameter to index.php; or (4) the option parameter in a reset.request action to index.php; and, when Internet Explorer or Konqueror is used, (5) allow remote attackers to inject arbitrary web script or HTML via the searchword parameter in a search action to index.php in the com_search component.
CVE-2011-2488 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2488): Joomla! before 1.5.23 does not properly check for errors, which allows remote attackers to obtain sensitive information via unspecified vectors.
CVE-2010-4837 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4837): Cross-site scripting (XSS) vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the subject parameter (title field) in a saveTicket action to index2.php. NOTE: some of these details are obtained from third party information.
Please ignore CVE-2010-4837, thanks.
*** Bug 385493 has been marked as a duplicate of this bug. ***
Bumped. We need to think hard about an upgrade path from 1.5 to 1.7. Officially this is done inside a Joomla installation, but we cannot propose that in Gentoo.
Hi all, please check: http://developer.joomla.org/security/news/368-20110902-core-xss-vulnerability There is no need for a security bug, because the affected version was masked in tree and 1.5 is not affected.