Joomla updates (1.5.26 and 2.5.4)

If you are using Joomla, now is a good time to check if your sites are updated. Some (high severity) vulnerabilities were fixed in the latest release, especially if you are still on the 1.5.x branch.

For 1.5.26:

High Priority – Core – Password Change Vulnerability.
Low Priority – Core – Information Disclosure.

For 2.5.4:

Low Priority – Core – Information Disclosure.
Low Priority – Core – XSS Vulnerability.

Version 2.5.3 (released 2 weeks ago) also contains multiple security fixes, so if you haven’t updated your sites lately, you better check them asap.

More details on their release notes for 1.5.26 and for 2.5.4.

*Remember, the leading cause for web site compromises is outdated software! So as a web site owner, you have to do your part to minimize risk and keep your site (and your users) safe. Update now!

Scan your website for free:
About David Dede

David Dede is a Security Researcher in the SucuriLabs group. He spends most of his time dissecting vulnerabilities and security issues. You won't find him on Twitter because he is paranoid about privacy.