Sign in / up

back to article Joomla issues upgrade to patch critical SQL vuln

Joomla's developers have moved to fix a critical SQL injection vulnerability – but are coming under fire for taking a month to address the issue. The version 3.2.3 update, available since late last week, is described by Joomla as fixing a high priority core SQL injection bug (along with two medium priority XSS bugs and an …

COMMENTS

House rules Send corrections
This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    I have no understanding for people who still write code like that, concatenating SQL strings into a giant mess. Why not just use prepared statements?

    3 0
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      I thought this might be something rather more unusual - an MS SQL Server vulnerability. Nope.

      2 0
      1. Anonymous Coward
        Reply Icon
        Trollface

        That would be interesting, as the vast majority of Joomla sites are probably not running MS SQL.

        0 0
This topic is closed for new posts.

Other stories you might like