Security: XSS vulnerability in 4.0 b1

Resolved Security: XSS vulnerability in 4.0 b1

Alex
Bug Report
Tuesday, 12 January 2010
Subscribe via email

My website which uses JoomlaComment has been hacked. :angry: Very sad experience.

The PHP files has malicious javascript appended at the end.

I found a security report: XSS vulnerability in JoomlaComment:
http://jeffchannell.com/Joomla/joomlacomment-40-beta1-multiple-xss-vulnerabilities.html

JoomlaComment is listed on the Vulnerable Extensions List:
http://docs.joomla.org/Vulnerable_Extensions_List

Has this been fixed in Beta2? Can you supply the fix to Jeff Channel for a check?

Responses (21)

There are %s replies to this question. If you want to see them you need a valid subscription.
If you have a valid subscription, please login now.
Visit store now

Please login to post a reply

You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here. Register Here »

Forgot Password?