CVE-2013-1453

Name of the Vulnerable Software and Affected Versions Joomla! versions 2.5.x through 2.5.8 Joomla! versions 3.0.x through 3.0.2

Description The issue allows attackers to unserialize arbitrary PHP objects, which can lead to obtaining sensitive information, deleting arbitrary directories, conducting SQL injection attacks, and possibly having other impacts. This is achieved via the highlight parameter.

Recommendations For Joomla! versions 2.5.x through 2.5.8, update to a version outside of this range to resolve the issue. For Joomla! versions 3.0.x through 3.0.2, update to a version outside of this range to resolve the issue. As a temporary workaround, consider restricting access to the highlight parameter in the affected highlight.php file until a patch is available.