Joomla! Password Enumeration Weakness and Cross Site Scripting Vulnerability
BID:50664
Info
Joomla! Password Enumeration Weakness and Cross Site Scripting Vulnerability
| Bugtraq ID: | 50664 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 14 2011 12:00AM |
| Updated: | Nov 14 2011 12:00AM |
| Credit: | Corne Hannema and David Jardin |
| Vulnerable: |
Joomla Joomla! 1.7.1 Joomla Joomla! 1.7.0 Joomla Joomla 1.7.2 Joomla Joomla 1.5.24 Joomla Joomla 1.5.22 Joomla Joomla 1.5.21 Joomla Joomla 1.5.20 Joomla Joomla 1.5.19 Joomla Joomla 1.5.18 Joomla Joomla 1.5.17 Joomla Joomla 1.5.16 Joomla Joomla 1.5.15 Joomla Joomla 1.5.14 Joomla Joomla 1.5.13 Joomla Joomla 1.5.12 Joomla Joomla 1.5.11 Joomla Joomla 1.5.10 Joomla Joomla 1.5.2 Joomla Joomla 1.5.1 Joomla Joomla 1.5 |
| Not Vulnerable: |
Joomla Joomla 1.7.3 Joomla Joomla 1.5.25 |
Discussion
Joomla! Password Enumeration Weakness and Cross Site Scripting Vulnerability
Joomla! is prone to a password enumeration weakness and a cross-site scripting vulnerability.
An attacker can exploit this issue to enumerate through valid passwords and then perform brute-force attacks to gain access to the affected application. Attackers can also execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This will allow attackers to steal cookie-based authentication credentials and launch other attacks.
Joomla! is prone to a password enumeration weakness and a cross-site scripting vulnerability.
An attacker can exploit this issue to enumerate through valid passwords and then perform brute-force attacks to gain access to the affected application. Attackers can also execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This will allow attackers to steal cookie-based authentication credentials and launch other attacks.
Exploit / POC
Joomla! Password Enumeration Weakness and Cross Site Scripting Vulnerability
An attacker can use brute-force techniques to exploit the password-enumeration weakness. To exploit the cross-site scripting issue, the attacker must entice an unsuspecting victim to follow a malicious URI.
An attacker can use brute-force techniques to exploit the password-enumeration weakness. To exploit the cross-site scripting issue, the attacker must entice an unsuspecting victim to follow a malicious URI.
Solution / Fix
Joomla! Password Enumeration Weakness and Cross Site Scripting Vulnerability
Solution:
The vendor has released an update to address this issue. Please see the references for details.
Solution:
The vendor has released an update to address this issue. Please see the references for details.
References
Joomla! Password Enumeration Weakness and Cross Site Scripting Vulnerability
References:
References:
- [20111101] - Core - XSS Vulnerability (Joomla!)
- [20111102] - Core - Password Change (Joomla!)
- Joomla! Homepage (Joomla )