0
Welcome Guest! Login
0 items Join Now

Module Chromes

    • malmerl's Avatar
    • malmerl
    • Hero Rocketeer
    • Posts: 371
    • Thanks: 2

    Module Chromes

    Posted 2 weeks 3 days ago
    • HI
      with the new joomla update.... are your templates all ok with

      Module Chromes (CVE-2018-6380)

      This patch is fixing a longstanding issue with the module Chrome where the module_tag parameter in the system and Protostar template lack escaping which could lead to a XSS attack. This issue is fixed in Joomla 3.8.4 but only for the core templates. Please contact your template provider so they can check the corresponding module Chromes.

      I use admin tools pro as well. is there a setting that also helps with this?

      thanks
    • MrT's Avatar
    • MrT
    • Preeminent Rocketeer
    • Posts: 73656
    • Thanks: 8897
    • Web Designer/Developer

    Re: Module Chromes

    Posted 2 weeks 3 days ago
    • No, as Joomla only released this yesterday we have not made those changes to our templates. In any case, Joomla marked it as low-priority so it's not really a severe vulnerability. We will look into this more shortly - we have yet to take a decision what we will be doing.

      Regards, Mark.
    • Please search forums before posting. Please make sure your post includes the version of the CMS you are using and a link to the problem. Annotations on screenshots can also be helpful to explain problems/goals. Please use the "secure" tab for confidential information.

Time to create page: 0.048 seconds