Joomla update eliminates vulnerabilities
A similar error is also present in com_weblinks, allowing an attacker to write raw HTML into the title and description tags for weblink submissions. Joomla 1.5.x up to and including 1.5.8 is affected. Besides these vulnerabilities, the update also eliminates many errors that don't relate to security.
- Core - com_content XSS vulnerability, security announcement by Joomla
- Core - com_weblinks XSS vulnerability, security announcement by Joomla