The Joomla! Bug Squad, with the help of the Joomla! community, has been striving to make Joomla! the best it can be. And with the recent runner-up award in the Overall Best Open Source CMS category in the 2008 CMS Awards by PacktPub.com, Joomla! continues to press to forefront of web and enterprise CMS.Just two short months after Joomla! released its version 1.5.7, they release their newest version 1.5.8 -- codename: Wohnaiki. Primarily composed of bug fixes and 2 moderate-level security resolutions, this release did not contain any additions of any kind.
Security Fixes for Joomla! 1.5.8
There were two moderate level security fixes that took place in the 1.5.8 update. Both involved com_... XSS issues. Com_weblinks XSS Vulnerability – Allows raw HTML to be placed in the title and description tags for weblink submissions. Com_content XSS Vulnerability – Allows entry of dangerous HTML in the default article submission. It only affects users with Author access or above and only if there are no filters set up in com_content configuration.
Both of these security issues affect all versions of Joomla! 1.5.x up through and including version 1.5.7. Download the newest version to fix these security issues.
Visit Joomla.org to see a full list of release notes and get the low-down on all the other changes made by the Joomla! Bug Squad.
Click here to download Joomla! 1.5.8 (Full package). Click here to find an update package. Need Help? * New installation and technical requirements * Upgrade from an existing Joomla! 1.5 version * Migration from Joomla! 1.0.x
CMSWire is a leading, native digital publication produced by Simpler Media Group, Inc. We provide articles, research and events for sophisticated professionals driving digital customer experience strategy, evolving the digital workplace and creating intelligent information management practices. The CMSWire team produces 450+ authoritative articles per quarter for our 750,000 community members. Join us as a subscriber.