Cindy Chee has discovered a vulnerability in Joomla!, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "Title" and "Section Name" form fields when creating new sections in Section Manager is not properly sanitised before being stored. This can be exploited to insert arbitrary HTML and script code, which is executed in a user's browser session in context of an affected site when the data is viewed. Successful exploitation requires that the target user has valid administrator credentials. The vulnerability is confirmed in version 1.0.12. Other versions may also be affected.
setting status and cc'ing herd.
from 1.0.13 Changelog: * SECURITY A6 [LOW Level]: Fixed [#5630] HRS attack on variable "url" * SECURITY A1 [LOW Level]: Fixed [#5654] Multiple fields subjected to cross-site scripting vulnerabilities * SECURITY A7 [LOW Level]: Fixed possible session fixation vulnerability in administrator application http://www.joomla.org/content/view/3670/78/
thanks for the info carlo. web-apps, please bump.
Created attachment 126615 [details] joomla-1.0.13.ebuild I couldn't wait so here is a versionbump to 1.0.13 Copy the postinstall txt file from the official one to files dir in your overlay. worked fine for me on http://olausson.de/ http://tanzclub-halle.de regards Bjoern
By the way, why not add the following statment at the beginning? if [[ -e ${MY_HTDOCSDIR}/INSTALL && -d ${MY_HTDOCSDIR}/INSTALL ]] ; then INSTALLED="NO" ; else INSTALLED="YES" ; fi And after copying the files we would remove the INSTALLED dir to prevent the user from manually removing the INSTALL dir. if [[ "$INSTALLED" == "YES" ]] ; then rm -rf ${MY_HTDOCSDIR}/INSTALL ; fi But it would be way better to not copy the INSTALL dir at all if joomla is already installed and configured. regards Bjoern
Thanks for the ebuild. Added to CVS. Package marked unstable on all archs. I removed 1.0.12 so I guess this is fixed. @Björn: The suggestion you have concerning the INSTALL dir would not work because of the way we use webapp-config. At least I assume that without further checking :) But during the installation we actually don't know if the webapp is actually installed or not. In any case such problems basically result from the way PHP stuff is installed which is somewhat flawed.
thanks guys, closing.