VERIFY ADVISORY:
http://secunia.com/advisories/35278/
DESCRIPTION:
Some vulnerabilities have been reported in Joomla!, which can be
exploited by malicious users to conduct script insertion attacks and
by malicious people to conduct cross-site scripting attacks.
1) Certain unspecified input is not properly sanitised before being
used. This can be exploited to insert arbitrary HTML and script code,
which will be executed in a user's browser session in the context of
an affected site when the malicious data is displayed.
2) Certain unspecified input passed to the user view of the com_users
core component is not properly sanitised before being returned to the
user. This can be exploited to execute arbitrary HTML and script code
in a user's browser session in the context of an affected site.
3) Certain unspecified input passed to the "JA_Purity" template is
not properly sanitised before being returned to the user. This can be
exploited to execute arbitrary HTML and script code in a user's
browser session in the context of an affected site.
The vulnerabilities are reported in Joomla! 1.5.10 and all prior
1.5.x releases.
SOLUTION:
Update to version 1.5.11.
http://www.joomla.org/download.html
PROVIDED AND/OR DISCOVERED BY:
1) Reported by the vendor.
2) The vendor credits Airton Torres.
3) The vendor credits Juan Galiana Lara.
ORIGINAL ADVISORY:
1) http://developer.joomla.org/security/news/297-20090602-core-frontend-xss.html
2) http://developer.joomla.org/security/news/295-20090601-core-comusers-xss.html
3) http://developer.joomla.org/security/news/296-20090602-core-japurity-xss.html