The essential news about content management systems and mobile technology.
Powered by Joocial, XT Search for Algolia, and SlimApps.

  • Project: Joomla!
  • SubProject: CMS
  • Severity: Low
  • Versions: 3.4.0 through 3.4.3
  • Exploit type: XSS Vulnerability
  • Reported Date: 2015-August-18
  • Fixed Date: 2015-September-08
  • CVE Number: requested


Inadequate escaping leads to XSS vulnerability in login module.

Affected Installs

Joomla! CMS versions 3.4.0 through 3.4.3


Upgrade to version 3.4.4


The JSST at the Joomla! Security Center....

Reported By: cfreer

Read more