|
Jix Security Update 2009-09-11 |
|
Written by Pete Nurse
|
|
Friday, 11 September 2009 00:49 |
|
Jix Security Issue: Non Authorised Access to Jix Config Files
All versions of Jix prior to V0.023 have a security issue that requires your immediate attention.
Jix does not automatically delete Jix conguration files from the following directories on your web site:-
- administrator/components/com_jix/export;
- administrator/components/com_jix/import.
These files may then be accessed by non-authorised people.
Jix version V0.023 circumvents this problem by saving Jix config files to a folder with a 10 character name encoded from your Joomla site's secret word (Global Configuration=>Site=>System Settings). |
|
Last Updated on Friday, 11 September 2009 06:49 |