新闻链接:http://www.ehackingnews.com/2014/03/joomla-322-is-vulnerable-to-sql.html
新闻时间:2014年03月07日
新闻正文:Joomla 3.2.2 is vulnerable to SQL Injection and XSS
If your website is running Joomla 3.2.2, you should upgrade your CMS to the latest version.
A new version of Joomla v3.2.3 has been released to address more than 40 bugs and four security vulnerabilities.
One of the patched security flaws is SQL Injection, caused by Inadequate escaping, rated as High severity bug. It affects versions 3.1.0 through 3.2.2.
Other two security bugs are Cross site scripting vulnerabilities, which have been rated as Medium severity bugs.
The last one allows unauthorized logins via GMail authentication, caused by inadequate checking. It affects versions 2.5.8 and earlier 2.5.x and 3.2.2 and earlier 3.x.
It doesn't matter whether you do care about the 40 bugs but you always should consider the security fixes. So, better update your cms immediately before attackers informing you by hacking your site.
