je.st
news
Joomla receives patches for zero-day SQL injection vulnerability
2014-03-10 19:12:52| InfoWorld: Top News
Recently released security updates for the popular Joomla CMS (content management system) address a SQL injection vulnerability that poses a high risk and can be exploited to extract information from the databases of Joomla-based sites. The Joomla Project released versions 3.2.3 and 2.5.19 of the open-source CMS Thursday. Both updates address two cross-site scripting (XSS) vulnerabilities in core components, but version 3.2.3 also patches a SQL injection flaw, publicly disclosed in early February, and an unauthorized log-in flaw in the Gmail-based authentication plug-in.
Tags: sql
receives
injection
patches
Category:Information Technology