Joomla Car Manager Component "msg" Cross-Site Scripting Vulnerability

SECUNIA ADVISORY ID:
SA37882

VERIFY ADVISORY:
http://secunia.com/advisories/37882/

DESCRIPTION:
Fl0riX has reported a vulnerability in the Car Manager component for
Joomla, which can be exploited by malicious people to conduct
cross-site scripting attacks.

Input passed to the "msg" parameter in index.php (when "option" is
set to "com_carman") is not properly sanitised before being returned
to the user. This can be exploited to execute arbitrary HTML and
script code in a user's browser session in context of an affected
site.

The vulnerability is reported in version 2.0.5. Other versions may
also be affected.

SOLUTION:
Edit the source code to ensure that input is properly sanitised.

PROVIDED AND/OR DISCOVERED BY:
Fl0riX

Joomla Security News

Project: Joomla!

SubProject: All
Severity: High
Versions: 1.5.17 and all previous 1.5 releases
Exploit type: XSS Injection
Reported Date: 2010-May-13
Fixed Date: 2010-May-28
Description
Back-end user can inject javascript in various administrator screens.

Affected Installs
All 1.5.x installs prior to and including 1.5.17 are affected.

Solution
Upgrade to the latest Joomla! version (1.5.18 or later)

Reported by Riyaz Ahemed

Contact
The JSST at the Joomla! Security Center.