Joomla! XML-RPC / Blogger API Vulnerability

SECUNIA ADVISORY ID:
SA28861

VERIFY ADVISORY:
http://secunia.com/advisories/28861/

CRITICAL:
Moderately critical

IMPACT:
Manipulation of data

WHERE:
>From remote

SOFTWARE:
Joomla! 1.x
http://secunia.com/product/5788/

DESCRIPTION:
A vulnerability has been reported in Joomla!, which can be exploited
by malicious people to manipulate certain data.

The vulnerability is caused due to an error within XML-RPC in
combination with the blogger API plugin, which can be exploited to
manipulate or delete articles.

Successful exploitation requires that the blogger API plugin is
enabled.

The vulnerability is reported in version 1.5. Prior versions may also
be affected.

SOLUTION:
Update to version 1.5.1.
http://joomlacode.org/gf/project/joomla/frs/

PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.

ORIGINAL ADVISORY:
http://www.joomla.org/component/option,com_jd-wp/Itemid,105/p,486/

RECENT ARTICLE

RECENT POST