Description

Joomla! Core is prone to a spam vulnerability. Exploiting this issue may allow attackers to send spam through the affected website. Joomla! Core version 1.6.0 is vulnerable.

Remediation

Update to Joomla! Core version 1.6.1 or latest

References

http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_item_id=24288

https://www.exploit-db.com/exploits/15979/

https://www.joomla.org/announcements/release-news/5350-joomla-161-released.html

Related Vulnerabilities

Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2019-10081)

WordPress Plugin Add Comments Cross-Site Scripting (1.0.1)

Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.7)

OpenSSL Resource Management Errors Vulnerability (CVE-2006-2937)

WordPress Plugin 123ContactForm for WordPress Multiple Vulnerabilities (1.5.6)

Severity

High

Classification

CWE-20 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update