Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 557860 (CVE-2015-5397)

Summary: <www-apps/joomla-3.4.3: Cross-Site Request Forgery (CVE-2015-5397)
Product: Gentoo Security Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: trivial CC: fauli, harold, oli.huber, proxy-maint, web-apps
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: ~4 [noglsa cve]
Package list:
Runtime testing required: ---

Description GLSAMaker/CVETool Bot gentoo-dev 2015-08-15 16:04:13 UTC 
CVE-2015-5397 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5397):
  Cross-site request forgery (CSRF) vulnerability in Joomla! 3.2.0 through
  3.3.x and 3.4.x before 3.4.2 allows remote attackers to hijack the
  authentication of unspecified victims for requests that upload code via
  unknown vectors.
Comment 1 Yury German Gentoo Infrastructure gentoo-dev 2015-09-13 14:24:37 UTC 
Current version in tree = 3.4.3 
Maintainer(s), Thank you for your work
Closing noglsa.