Joomla version 1.7.3 fixes XSS, password change and other vulnerabilities found in earlier versions of Joomla.
Upgrade to the latest Joomla! version (1.7.3 or later) to fix these vulnerabilities.

XSS Vulnerability:
Affected Versions: 1.7.2 and all 1.6.x versions
Reported Date: 2011-October-21
Info: Inadequate filtering leads to an XSS vulnerability in the back end.

Password Change:
Affected Versions: 1.7.2 and all earlier 1.7.x, 1.6.x and 1.5.x versions
Reported Date: 2011-October-28
Info: Weak random number generation during password reset leads to the possibility of changing a user's password.