Description

Joomla! Core is prone to a spam vulnerability. Exploiting this issue may allow attackers to send spam through the affected website. Joomla! Core version 1.6.0 is vulnerable.

Remediation

Update to Joomla! Core version 1.6.1 or latest

References

http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_item_id=24288

https://www.exploit-db.com/exploits/15979/

https://www.joomla.org/announcements/release-news/5350-joomla-161-released.html

Related Vulnerabilities

WordPress Plugin Jigoshop Unspecified Vulnerability (1.10.5)

WordPress Plugin Advanced Woo Search Information Disclosure (1.99)

WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.38)

WordPress Plugin Learning Courses Privilege Escalation (4.7)

WordPress Plugin JobSearch WP Job Board Cross-Site Scripting (1.5.1)

Severity

High

Classification

CWE-20 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update