Login to your account

Username *

Password *

Remember Me

[20150602] - Core - CSRF Protection

Details: Category: Joomla.org; Hits: 1317

Project: Joomla!
SubProject: CMS
Severity: Low
Versions: 3.2.0 through 3.4.1
Exploit type: CSRF Protection
Reported Date: 2015-April-06
Fixed Date: 2015-June-30
CVE Number: CVE-2015-5397

Description

Lack of CSRF checks potentially enabled uploading malicious code.

Affected Installs

Joomla! CMS versions 3.2.0 through 3.4.1

Solution

Upgrade to version 3.4.2

Contact

The JSST at the Joomla! Security Center.

Reported By: Eric Flokstra