Joomla 2.5.7 was just released today fixing 2 low severity security bugs and added a few other improvements. As always, we recommend all our Joomla users to update to 2.5.7 as soon as they can.
From their announcement page, here are the security bugs fixed:
- Low Priority – Core – XSS Vulnerability: Inadequate escaping of output leads to XSS vulnerability in language switcher module.
- Low Priority – Core – XSS Vulnerability: Inadequate escaping of output leads to XSS vulnerability.
Remember, the leading cause for website compromises is outdated software! So as a website owner, you have to do your part to minimize risk and keep your site (and your users) safe. Update now!
Sucuri SiteCheck was also updated to alert users not running version 2.5.7 on their Joomla sites.