Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
February 09, 2012, 12:44:10


Advanced search »»

JoomlaTune Support Forum    JComments component    Bug-reports    Topic: Possible XSS Issue
Pages: [1]   Go Down
  Print  
Author Topic: Possible XSS Issue  (Read 1042 times)
0 Members and 1 Guest are viewing this topic.
gnomeontherun
Newbie
*

Karma: 0
Offline Offline

Posts: 4
« on: May 18, 2010, 21:00:06 »
http://www.securityfocus.com/archive/1/511320
Logged
smart
Administrator
Hero Member
*****

Karma: 146
Offline Offline

Gender: Male
Posts: 2579



WWW
« Reply #1 on: May 18, 2010, 22:21:17 »
It was fixed in JComments 2.2 (we wrote about this in JComments 2.2 release notes and www.htbridge.ch site). This is reason we've recommend all users upgrade to JComments 2.2...

But this vulnerability can be exploited only by user who has access to Joomla's backend. In most cases only trusted users has access to backend so in my mind this isn't so dangerous.
« Last Edit: May 18, 2010, 22:23:37 by smart » Logged
If you use JComments, please post a rating and a review at the Joomla! Extensions Directory
Pages: [1]   Go Up
  Print  
JoomlaTune Support Forum    JComments component    Bug-reports    Topic: Possible XSS Issue
« previous next »
 
Jump to: