Full Disclosure mailing list archives
Re: Joomla! 1.0.x ~ 1.0.15 | Cross Site Scripting (XSS) Vulnerability
From: YGN Ethical Hacker Group <lists () yehg net>
Date: Fri, 7 Jan 2011 17:31:53 +0800
Joomla! Security Team has confirmed that this issue will not be fixed.
While noted, your exploit report does not fall within the JSST remit as we no longer support J1.0.x branch (as you are aware and indicate). The vulnerability mentioned is not known to exist in any current supported release. Please ensure you are using the latest version of Joomla!
The advisory has been updated with vendor's response: http://yehg.net/lab/pr0js/advisories/joomla/core/%5Bjoomla_1.0.x~15%5D_cross_site_scripting The CVE ID, CVE-2011-0005, has been assigned for it. --------------------------------- Best regards, YGN Ethical Hacker Group Yangon, Myanmar http://yehg.net Our Lab | http://yehg.net/lab Our Directory | http://yehg.net/hwd _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Joomla! 1.0.x ~ 1.0.15 | Cross Site Scripting (XSS) Vulnerability YGN Ethical Hacker Group (Jan 05)
- Re: Joomla! 1.0.x ~ 1.0.15 | Cross Site Scripting (XSS) Vulnerability YGN Ethical Hacker Group (Jan 07)
- Re: Joomla! 1.0.x ~ 1.0.15 | Cross Site Scripting (XSS) Vulnerability YGN Ethical Hacker Group (Jan 13)
- Re: Joomla! 1.0.x ~ 1.0.15 | Cross Site Scripting (XSS) Vulnerability YGN Ethical Hacker Group (Jan 13)