Joomla You!Hostit! Template Cross-Site Scripting Vulnerability 

SECUNIA ADVISORY ID:
SA37601

VERIFY ADVISORY:
http://secunia.com/advisories/37601/

DESCRIPTION:
andresg888 has reported a vulnerability in the You!Hostit! template
for Joomla, which can be exploited by malicious people to conduct
cross-site scripting attacks.

Input passed to the "created_by_alias" parameter in index.php is not
properly sanitised before being returned to the user. This can be
exploited to execute arbitrary HTML and script code in a user's
browser session in context of an affected site.

The vulnerability is reported in version 1.0.1. Other versions may
also be vulnerable.

SOLUTION:
Edit the source code to ensure that input is properly sanitised.

PROVIDED AND/OR DISCOVERED BY:
andresg888

ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/10301

DOWNLOAD
JOOMLA!

Download Joomla!

Joomla! 4.x Thai Translation Language Packs

Joomla! 3.x Thai Translation Language Packs

OUR NETWORK


CMSPlugin.com
Joomla Extensions, Joomla Templates

Joomla!® User Group Thailand
Joomla!® User Group Thailand


Marvelic Engine Co., Ltd. รับพัฒนาเว็บไซต์ด้วย Joomla! , รับอบรม Joomla , ผู้เชี่ยวชาญ จูมล่า
รับทำเว็บ Joomla, อบรบ Joomla

Ribbon