- Project: Joomla!
- SubProject: CMS
- Severity: High
- Versions: 3.1.0 through 3.2.2
- Exploit type: SQL Injection
- Reported Date: 2014-February-06
- Fixed Date: 2014-March-06
- CVE Number: Pending
Description
Inadequate escaping leads to SQL injection vulnerability.
Affected Installs
Joomla! CMS versions 3.1.0 through 3.2.2
Solution
Upgrade to version 3.2.3
Contact
The JSST at the Joomla! Security Center.
Read more http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/xcttKR2_t_4/578-20140301-core-sql-injection.html