Joomla : Security vulnerabilities, CVEs published in November 2011

Copy

CVE-2011-4332

Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.6.3 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Max CVSS

4.3

EPSS Score

0.45%

Published

2011-11-23

Updated

2011-11-28

CVE-2011-4321

The password reset functionality in Joomla! 1.5.x through 1.5.24 uses weak random numbers, which makes it easier for remote attackers to change the passwords of arbitrary users via unspecified vectors.

Max CVSS

5.0

EPSS Score

1.44%

Published

2011-11-23

Updated

2011-11-28

2 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!