CVE-2015-8562

Name of the Vulnerable Software and Affected Versions Joomla! versions 1.5.x through 3.x before 3.4.6

Description The issue allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the HTTP User-Agent header. This has been exploited in the wild.

Recommendations For versions 1.5.x, 2.x, and 3.x before 3.4.6, update to version 3.4.6 or later to resolve the issue.