The security update can be downloaded here


[20090723] - Core - com_mailto Timeout Issue

Posted: 22 Jul 2009 04:36 PM PDT

  • Project: Joomla!
  • SubProject: com_mailto
  • Severity: Low
  • Versions: 1.5.13 and all previous 1.5 releases
  • Exploit type: Email
  • Reported Date: 2009-July-28
  • Fixed Date: 2009-July-30


In com_mailto, it was possible to bypass timeout protection against sending automated emails.

Affected Installs

All 1.5.x installs prior to and including 1.5.13 are affected.


Upgrade to latest Joomla! version (1.5.14 or newer).

Reported by WHK and Gergő Erdősi

Best Canadian Web Host for Joomla

Joomla Web Hosting Canada RSS Feed