Joomla! Newsletter Subscriber Plugin "name" and "email" Cross-Site Scripting Vulnerabilities

SECUNIA ADVISORY ID:
SA45083

VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/45083/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=45083

RELEASE DATE:
2011-06-30
DESCRIPTION:
Two vulnerabilities have been reported in the Newsletter Subscriber
plugin for Joomla!, which can be exploited by malicious people to
conduct cross-site scripting attacks.

Input passed via the "name" and "email" POST parameter to index.php
when viewing pages using the plugin is not properly sanitised in
newsletter_subscriber.php before being returned to the user. This can
be exploited to execute arbitrary HTML and script code in a user's
browser session in context of an affected site.

The vulnerabilities are reported in version 1.3 for Joomla! 1.5 and
confirmed in version 1.2 for Joomla! 1.6. Prior versions may also be
affected.

SOLUTION:
Update to version 1.3 for Joomla! 1.5 (released June 28th, 2011) or
version 1.2 for Joomla! 1.6 (released June 29th, 2011).

PROVIDED AND/OR DISCOVERED BY:
Reported by the Joomla! VEL team.

ORIGINAL ADVISORY:
http://docs.joomla.org/Vulnerable_Extensions_List#Newsletter_Subscriber

RECENT ARTICLE

RECENT POST