Some important Joomla! Security News for our Webmasters!

[20150908] - Core - XSS Vulnerability

Posted: 08 Sep 2015 07:25 PM PDT

Project: Joomla!
SubProject: CMS
Severity: Low
Versions: 3.4.0 through 3.4.3
Exploit type: XSS Vulnerability
Reported Date: 2015-August-18
Fixed Date: 2015-September-08
CVE Number: requested


Inadequate escaping leads to XSS vulnerability in login module.
Affected Installs

Joomla! CMS versions 3.4.0 through 3.4.3

Upgrade to version 3.4.4

The JSST at the Joomla! Security Center.