Jens Hinrichsen

**Name of the Vulnerable Software and Affected Versions** Joomla! versions 2.5.x through 2.5.13 Joomla! versions 3.x through 3.1.4 **Description** The issue allows remote authenticated users or remote attackers to bypass intended access restrictions and upload files with dangerous extensions via a filename with a trailing . (dot). This has been exploited in the wild. **Recommendations** For Joomla! versions 2.5.x through 2.5.13, update to version 2.5.14 or later. For Joomla! versions 3.x through 3.1.4, update to version 3.1.5 or later.