Joomla Security Update for Multiple Vulnerabilities Versions below 3.6.1

Just got another notice of an update to Joomla for a few vulnerabilities
XSS
XSS vulnerability.

Description

Inadequate escaping leads to XSS vulnerability in mail component.

Affected Installs

Joomla! CMS versions 1.6.0 through 3.6.0

Solution

Upgrade to version 3.6.1

ACL
ACL vulnerability.

Description

Inadequate ACL checks in com_content provide potential read access to data which should be access restricted to users with edit_own level.

Affected Installs

Joomla! CMS versions 1.6.0 through 3.6.0

Solution

Upgrade to version 3.6.1

Core CSRF
Core CSRF vulnerability.

Description

Add additional CSRF hardening in com_joomlaupdate

Affected Installs

Joomla! CMS versions 3.6.0

Solution

Upgrade to version 3.6.1

Tagged:

Comments

Sign In or Register to comment.