Urgent Joomla 1.5 security vulnerability discovered

Get 20% OFF JomSocial

Click here to get up to $30 OFF the #1 community creation software for Joomla!

JomSocial gives your site an instant community--just like Facebook. Photos, videos, groups, walls & more! You'll LOVE it (and so will your members)!

Urgent Joomla 1.5 security vulnerability discovered

Wednesday, 13 August 2008 08:50

From the Joomla.org website:

The Joomla! community is pleased to announce the immediate availability of Joomla! 1.5.6 [Vusani]. This is a quick turnaround security release to address a high level security issue and it is recommended all users upgrade immediately.

A flaw in the reset token validation mechanism allows for non-validating tokens to be forged. This will allow an unauthenticated, unauthorized user to reset the password of the first enabled user (lowest id). Typically, this is an administrator user. Note, that changing the first users username may lessen the impact of this exploit (since the person who changed the password does not know the login associated with the new password). However, the only way to completely rectify the issue is to upgrade to 1.5.6 (or patch the /components/com_user/models/reset.php file).

For more information about this exploit, click here to visit the Joomla Security Blog.

Joomlashack, Building Professional Joomla Templates Since 2005.

Discover why professionals in-the-know love our Joomla Templates. Find the right Joomla Template at the right price. Find the best selection of Free Joomla Templates and Commercial Joomla Templates. Delight in our low a-la-carte pricing and our great designs. cool looking, bloat-free, easy to customize, SEO Joomla Templates. Joomlashack is committed to releasing regular free Joomla Templates. Please browse our library of Joomla 1.5, Joomla 1.7, and Joomla 2.5 Templates and remember, Joomlashack will launch 20+ new Joomla 2.5 Templates during the next year. Please visit our great selection of Joomla Extensions including Joomla Modules and Joomla Slideshows. Save with our Joomla Sale Codes for Jomsocial and other 3rd party Joomla Extensions.

Joomlashack's Joomla Help and Joomla Support.

When you buy from Joomlashack, you will obtain the best Joomla Support in the Joomlaverse. Our Joomla Experts will help you install our Joomla Templates and Extensions and show you "How to Joomla".

Joomlashack University, The number one Online Joomla Training center in the world. New School of SEO coming soon.

Joomlashack University, with the School of Joomla, has provided the best Joomla Training to the most Joomla Web Design Professionals on the web. Joomlashack University has tons of Joomla Content with Joomla Lessons, Joomla Courses, and lots of Joomla Video Tutorials. We will teach your Grandma How to Joomla. Soon we will teach her SEO and Conversion optimization too at the School of SEO and Conversion Optimization.

Commercial Joomla Templates

Joomlashack Blog

Joomlashack designs free and commercial Joomla Templates

Learn how to Joomla with our Joomla Training or join our lifetime Joomla Template Club

staminate-apollonian Simple WordPress Themes

Joomlashack professional and free Joomla templates

Urgent Joomla 1.5 security vulnerability discovered

Commercial Joomla Templates

Popular Joomla Tutorials

Joomlashack Blog