11-01-2011, 10:30 PM
Fecha de Ingreso: Nov 2005
 - Core - XSS Vulnerabilities
- Project: Joomla!
- SubProject: All
- Severity: Medium
- Versions: 1.5.20 and all previous 1.5 releases
- Exploit type: XSS Injection
- Reported Date: 2010-October-05
- Fixed Date: 2010-October-08
Inadequate filtering of multiple encoded entities permits XSS attacks in some circumstances.
All 1.5.x installs prior to and including 1.5.20 are affected.
Upgrade to the latest Joomla! version (1.5.21 or later)
Reported by YGN Ethical Hacker Group
The JSST at the Joomla! Security Center