d3m0n has reported a vulnerability in Joomla!, which can be exploited by malicious people to bypass certain security restrictions and manipulate data.
The vulnerability is caused by improper access restriction in components/com_user/models/reset.php. This can be exploited to bypass the authentication mechanism and change the password of the user with the lowest ID (typically the administrator) without valid user credentials.
The vulnerability is reported in all 1.5.x versions prior to 1.5.6.
Solution: Update to version 1.5.6.
Provided and/or discovered by: d3m0n
The vendor credits Marijke Stuivenberg.
Original Advisory: Joomla!: