Joomla! Security Team has confirmed that this issue will not be fixed. >> While noted, your exploit report does not fall within the JSST remit as >> we no longer support J1.0.x branch (as you are aware and indicate). >> The vulnerability mentioned is not known to exist in any current supported release. >> Please ensure you are using the latest version of Joomla! The advisory has been updated with vendor's response: http://yehg.net/lab/pr0js/advisories/joomla/core/%5Bjoomla_1.0.x~15%5D_cross_site_scripting The CVE ID, CVE-2011-0005, has been assigned for it. --------------------------------- Best regards, YGN Ethical Hacker Group Yangon, Myanmar http://yehg.net Our Lab | http://yehg.net/lab Our Directory | http://yehg.net/hwd
