• Project: Joomla!
  • Subproject: Site Client
  • Severity: Low
  • Versions: 1.5.10 and all previous 1.5 releases
  • Exploit type: XSS
  • Date Reported: 2009-May-05
  • Fixed Date: 2009-June-2002


Some Were output values from the database without Being Properly escaped. Were Most strings in question sourced from the administrator panel.

Affected Installs

All 1.5.x installs prior to and Including 1.5.10 are affected.


Upgrade to latest Joomla! version (1.5.11 or newer)