- Project: Joomla!
- SubProject: CMS
- Severity: Low
- Versions: 3.2.0 through 3.4.1
- Exploit type: CSRF Protection
- Reported Date: 2015-April-06
- Fixed Date: 2015-June-30
- CVE Number: CVE-2015-5397
Description
Lack of CSRF checks potentially enabled uploading malicious code.
Affected Installs
Joomla! CMS versions 3.2.0 through 3.4.1
Solution
Upgrade to version 3.4.2
Contact
The JSST at the Joomla! Security Centre.
Reported By: Eric Flokstra
Брой прочитания на тази страница: 640[20150602] – Core – CSRF Protection