Joomla user password reset vulnerability being actively exploited
We've received reports from several readers (thanx, Ronaldo and anonymous) that they have seen successful exploitation of the Joomla user password reset vulnerability announced on 12 Aug (with an exploit posted to milw0rm at about the same time). If you have not yet upgraded to 1.5.6, do so ASAP
References:
http://developer.joomla.org/security/news/241-20080801-core-password-remind-functionality.html
http://www.us-cert.gov/current/index.html#joomla_password_reset_vulnerability
Keywords: joomla 
0 comment(s)
My next class:
| LINUX Incident Response and Threat Hunting | Online | Japan Standard Time | Oct 27th - Nov 1st 2025 | 
  
  ×
  
  ![modal content]() 
  
  
Diary Archives
         
              
Comments