An XSS and a clickjacking vulnerability have been addressed
The Joomla Project has released Joomla 3.0.2 and Joomla 2.5.8. Both variants come with a number of improvements, including fixes for security issues.In Joomla 3.0.2 the developers have added a new feature which allows users to assign articles and article categories from different languages, and the module will display the correct link even if the language is changed.
In this variant, a medium priority cross site scripting (XSS) vulnerability – reported by Jeff Channell – which affected the language search component was fixed.
In the 2.5.8 version of Joomla, 9 tracker issues have been fixed, along with a clickjacking vulnerability caused by “inadequate protection.” This particular security hole was reported by Ajay Singh Negi.
Both of them are considered to be security releases. This means that customers are advised to update their installations as soon as possible to avoid falling victim to cybercriminal attacks.
Joomla is available for download here