Joomla Security Update 1.5.15

Details

The entire security update can be downloaded here

Joomla 1.5.15 upgrade patch files are here  

 

Important changes:

  • .htaccess change that prevents looking at your extensions XML file
  • PHP 5.3.x compatibility (except of OpenID library)
  • Core components caching

Notable bugfixes:

  • TinyMCE is now working properly - all remaining bugs created by the recent TinyMCE upgrade should be gone now
  • Mootols were upgraded to 1.12 to ensure future compatibility with Firefox 3.6
Complete details of the changes above can be read here .

 

Posted: 03 Nov 2009 08:31 AM PST

  • Project: Joomla!
  • SubProject: com_content
  • Severity: Moderate
  • Versions: 1.5.14 and all previous 1.5 releases
  • Exploit type: Front-End Editing
  • Reported Date: 2009-September-05
  • Fixed Date: 2009-November-03

Description

When logged into the front end with Author access, it was possible to replace an article written by another user.

Affected Installs

All 1.5.x installs prior to and including 1.5.14 are affected.

Solution

Upgrade to latest Joomla! version (1.5.15 or newer).

Reported by Hannes Papenberg

Related Articles

proudly-canadian-flag.gif
Best Canadian Web Host for Joomla

Our Latest Joomla News

Our Latest Joomla Tips

Joomla Web Hosting

Joomla Resources

Joomla Tech Services



Joomla Web Hosting Canada RSS Feed

Looking to build an online community ?