Joomla Password Change Vulnerability
Written by Rebecca Mints   
Monday, 11 August 2008 19:00

The Joomla "token" password change vulnerability was reported by d3m0n. It allows a remote attacker to bypass the password-reset token check and manipulate account data, in this case by setting a new password for an account the attacker does not control.


The vulnerability is caused by an improper restriction in the reset-token check in 'components/com_user/models/reset.php'. The password-reset ("forgot password") flow does not properly validate the token that is submitted at the confirmation step, so an attacker who has never received a valid token can still reach the step that sets a new password. The account affected is the user with the lowest ID (typically the administrator), and no valid credentials are needed.
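To make the failure mode concrete, the block below is an added, illustrative reconstruction of this class of flaw and is not Joomla's own code: a reset-token lookup that lets an empty (or filtered-to-empty) token match every account whose activation column is empty, returning the lowest ID, shown beside a hardened version that insists on a full 32-character token and a non-empty activation value. The table layout, column names, sample rows and the alphanumeric input filter are assumptions made for the example.

```php
<?php
// Added example (not Joomla's code). Models a users table with an
// 'activation' column that is empty for normal accounts and holds a
// 32-character token only while a reset is pending. Schema and rows
// are constructed for illustration.

function setupDb(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, block INTEGER, activation TEXT)');
    // Constructed sample data: two active accounts, one account mid-reset.
    $db->exec("INSERT INTO users VALUES (62, 'admin', 0, '')");
    $db->exec("INSERT INTO users VALUES (63, 'alice', 0, '')");
    $db->exec("INSERT INTO users VALUES (64, 'bob', 0, '" . str_repeat('a', 32) . "')");
    return $db;
}

// Vulnerable pattern: whatever survives the input filter is looked up
// directly. An empty token matches every account with an empty activation
// column, and the first row returned is the lowest id.
function confirmResetVulnerable(PDO $db, string $token): ?int {
    // Assumed alphanumeric sanitising filter: non-alnum input such as a
    // lone quote is stripped, leaving an empty string.
    $token = preg_replace('/[^A-Za-z0-9]/', '', $token);
    // ORDER BY id makes the "first row wins" behaviour explicit.
    $stmt = $db->prepare('SELECT id FROM users WHERE block = 0 AND activation = ? ORDER BY id LIMIT 1');
    $stmt->execute([$token]);
    $id = $stmt->fetchColumn();
    return $id === false ? null : (int) $id;
}

// Hardened pattern: reject anything that is not a complete token before
// querying, and never allow an empty activation column to match.
function confirmResetFixed(PDO $db, string $token): ?int {
    if (!preg_match('/^[A-Za-z0-9]{32}$/', $token)) {
        return null;
    }
    $stmt = $db->prepare("SELECT id FROM users WHERE block = 0 AND activation <> '' AND activation = ? LIMIT 1");
    $stmt->execute([$token]);
    $id = $stmt->fetchColumn();
    return $id === false ? null : (int) $id;
}

$db = setupDb();
var_dump(confirmResetVulnerable($db, "'"));            // garbage token, no credentials
var_dump(confirmResetVulnerable($db, ''));             // empty token
var_dump(confirmResetFixed($db, "'"));                 // same input, hardened check
var_dump(confirmResetFixed($db, str_repeat('a', 32))); // the legitimate pending reset
```

Run with the PDO SQLite extension enabled. The vulnerable lookup resolves both the filtered quote and the empty string to the lowest-ID active account (the admin row), which is exactly the step an attacker needs before being allowed to choose a new password; the hardened lookup rejects both and only resolves the genuine 32-character token to the account that is actually mid-reset. The two checks that matter are the length/format validation before the query and the `activation <> ''` guard inside it.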


The vulnerability is reported in all 1.5.x versions prior to 1.5.6; upgrading to 1.5.6 or later is recommended.