The Joomla! Bug Squad, with the help of the Joomla! community, has been striving to make Joomla! the best it can be. And with the recent runner-up award in the Overall Best Open Source CMS category in the 2008 CMS Awards by PacktPub.com, Joomla! continues to press to forefront of web and enterprise CMS.Just two short months after Joomla! released its version 1.5.7, they release their newest version 1.5.8 -- codename: Wohnaiki. Primarily composed of bug fixes and 2 moderate-level security resolutions, this release did not contain any additions of any kind.
Security Fixes for Joomla! 1.5.8
There were two moderate level security fixes that took place in the 1.5.8 update. Both involved com_... XSS issues. Com_weblinks XSS Vulnerability – Allows raw HTML to be placed in the title and description tags for weblink submissions. Com_content XSS Vulnerability – Allows entry of dangerous HTML in the default article submission. It only affects users with Author access or above and only if there are no filters set up in com_content configuration.
Both of these security issues affect all versions of Joomla! 1.5.x up through and including version 1.5.7. Download the newest version to fix these security issues.
Visit Joomla.org to see a full list of release notes and get the low-down on all the other changes made by the Joomla! Bug Squad.
Click here to download Joomla! 1.5.8 (Full package). Click here to find an update package. Need Help? * New installation and technical requirements * Upgrade from an existing Joomla! 1.5 version * Migration from Joomla! 1.0.x