Two weeks after its last security update, the Joomla! project has published another update to the 2.5.x branch of its open source content management system (CMS) which addresses two vulnerabilities. Version 2.5.4 of Joomla! closes an information disclosure hole that allowed unauthorised access to administrative information and fixes a problem that could have been exploited by an attacker to conduct cross-site scripting (XSS) attacks. Versions 2.5.0 to 2.5.3 are affected.

The link for this article located at H Security is no longer available.