{"id":1496,"date":"2019-09-27T11:58:22","date_gmt":"2019-09-27T16:58:22","guid":{"rendered":"https:\/\/cert.pa\/?p=1496"},"modified":"2019-09-27T11:58:22","modified_gmt":"2019-09-27T16:58:22","slug":"csirt-panama-aviso-2019-09-27-joomla-lanza-version-de-seguridad","status":"publish","type":"post","link":"https:\/\/cert.pa\/?p=1496","title":{"rendered":"CSIRT Panam\u00e1 Aviso 2019-09-27 Joomla lanza versi\u00f3n de seguridad"},"content":{"rendered":"\n

Gravedad: baja<\/strong>
Fecha de publicaci\u00f3n: 27 de septiembre de 2019
Fecha de modificaci\u00f3n: 27 de septiembre de 2019
N\u00famero de CVE: CVE-2019-16725
Fuente: developer.joomla.org<\/p>\n\n\n\n

Sistemas Afectados<\/strong>
Joomla! CMS Versiones: 3.0.0-3.9.11<\/p>\n\n\n\n


I. Descripci\u00f3n<\/strong>
El escape inadecuado permiti\u00f3 ataques XSS (Cross-site scripting) utilizando el par\u00e1metro del logotipo de las plantillas predeterminadas.
Se recomienda actualizar a la \u00faltima versi\u00f3n 3.9.12.<\/strong><\/p>\n\n\n\n

II. Referencia a soluciones, herramientas e informaci\u00f3n<\/strong>
https:\/\/developer.joomla.org\/security-centre\/791-20190901-core-xss-in-logo-parameter-of-default-templates.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+JoomlaSecurityNews+%28Joomla%21+Security+News%29<\/a> <\/p>\n\n\n\n

IV. Informaci\u00f3n de contacto<\/strong><\/p>\n\n\n\n

CSIRT PANAMA
\nAutoridad Nacional para la Innovaci\u00f3n Gubernamental
\nE-Mail: info@cert.pa
\nWeb: http:\/\/www.cert.pa<\/p>\n","protected":false},"excerpt":{"rendered":"

Gravedad: baja Fecha de publicaci\u00f3n: 27 de septiembre de 2019 Fecha de modificaci\u00f3n: 27 de septiembre de 2019 N\u00famero de CVE: CVE-2019-16725 Fuente: developer.joomla.org Sistemas Afectados Joomla! CMS Versiones: 3.0.0-3.9.11 I. Descripci\u00f3nEl escape inadecuado permiti\u00f3…<\/p>\n","protected":false},"author":3,"featured_media":460,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[4],"tags":[],"class_list":["post-1496","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-avisos-de-seguridad"],"_links":{"self":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1496","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1496"}],"version-history":[{"count":2,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1496\/revisions"}],"predecessor-version":[{"id":1498,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1496\/revisions\/1498"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/media\/460"}],"wp:attachment":[{"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1496"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1496"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1496"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}