PT-2009-1773 · Open Source Matters · Joomla!

Published: 2009-02-26 · Updated: 2017-08-17 · CVE-2008-6299

CVSS v2.0: 3.5 (Low)

Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions: Joomla! versions 1.5.7 and earlier
Description: The issue allows remote authenticated users with certain privileges to inject arbitrary web script or HTML. This can be achieved via the title and description parameters to the com_weblinks module and unspecified vectors in the com_content module related to article submission.
Recommendations: For Joomla! versions 1.5.7 and earlier, consider updating to a version that is not affected by this issue. As a temporary workaround, restrict access to the com_weblinks and com_content modules to minimize the risk of exploitation. Avoid using the title and description parameters in the com_weblinks module until the issue is resolved.

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2008-6299

Affected Products

Joomla!