[20190403] - Core - Object.prototype pollution in JQuery $.extend
- Details
- Joomla RSS Feed
- Kategorie: Joomla News
Project: Joomla! SubProject: CMS Impact: Low Severity: Moderate Versions: 3.0.0 through 3.9.4 Exploit type: XSS Reported Date: 2019-March-25 Fixed Date: 2019-April-09 CVE Number: TBA Description The $.extend method of JQuery is vulnerable to Object.prototype pollution attacks. Affected Installs Joomla! CMS versions 3.0.0 through 3.9.4 Solution Upgrade to version 3.9.5 Contact The JSST at the Joomla! Security Centre. Reported By: Michał Gołębiowski-Owczarek, David Jardin (JSST)
- Zugriffe: 830