The Joomla Team has updated the Joomla CMS. The new version Joomla 2.5.4 comes with fixes for two low priority vulnerabilities , 3 new features and 157 tracker issues.
New Features:
- Add option to show full CMS version number in generator tag (Mark Dexter)
- Implementing Access levels for Content Languages (JM Simonet, Dennis Hermatski, Christophe Demko)
- Make the auto-update process more reliable across different hosts (Nicholas Dionysopoulos)
XSS vulnerability(Inadequate filtering in update manager) and Information Disclosure vulnerability(Inadequate permission checking allows unauthorised viewing of some administrative back end information) has been fixed in the updated version.
Download:
New Installations: Joomla 2.5.4
Update Package: update package
If you are using Joomla ,then immediately upgrade to the latest version so that you can stay away from the publicly available vulnerabilities. The new Joomscan(jooml vulnerability scanner) can identify 623 vulnerabilities, scan your site with this scanner to identify vulnerabilities.
