Joomla! Newsletter Subscriber Plugin URL Cross-Site Scripting Vulnerability

SECUNIA ADVISORY ID:
SA45118

VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/45118/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=45118

RELEASE DATE:
2011-07-05
DESCRIPTION:
A vulnerability has been reported in the Newsletter Subscriber plugin
for Joomla!, which can be exploited by malicious people to conduct
cross-site scripting attacks.

Input appended to the URL after index.php when viewing pages using
the plugin is not properly sanitised in newsletter_subscriber.php
before being returned to the user. This can be exploited to execute
arbitrary HTML and script code in a user's browser session in context
of an affected site.

Successful exploitation may require that the victim is running
Internet Explorer or Konqueror.

The vulnerability is reported in version 1.3 for Joomla! 1.5 and
version 1.2 for Joomla! 1.6. Prior versions may also be affected.

SOLUTION:
Update to version 1.3 for Joomla! 1.5 (released July 1st, 2011) or
version 1.2 for Joomla! 1.6 (released June 30th, 2011).

PROVIDED AND/OR DISCOVERED BY:
Reported by the Joomla! VEL team.

ORIGINAL ADVISORY:
http://docs.joomla.org/Vulnerable_Extensions_List#Newsletter_Subscriber