{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[],"affected_systems_content":"<P><SPAN class=\"textit\">Joomla!</SPAN> versions 2.5.1, 2.5.0,  1.7.4 et versions 1.7.x ant\u00e9rieures.</P>","content":"## Description\n\nDes vuln\u00e9rabilit\u00e9s, non d\u00e9taill\u00e9es par l'\u00e9diteur, ont \u00e9t\u00e9 d\u00e9couvertes\ndans Joomla!. Leur exploitation permet de r\u00e9aliser diverses injections\n(SQL et cross-site scripting).\n\n## Solution\n\nMettre Joomla! \u00e0 jour en version 2.5.2.\n","cves":[{"name":"CVE-2012-1117","url":"https://www.cve.org/CVERecord?id=CVE-2012-1117"},{"name":"CVE-2012-1116","url":"https://www.cve.org/CVERecord?id=CVE-2012-1116"}],"links":[{"title":"Bulletins de s\u00e9curit\u00e9 Joomla! 20120301 et 20120302 du 05    mars 2012 :","url":"http://developer.joomla.org/security/news/391-20120301-core-sql-injection.html"},{"title":"Bulletins de s\u00e9curit\u00e9 Joomla! 20120301 et 20120302 du 05    mars 2012 :","url":"http://developer.joomla.org/security/news/392-20120302-core-xss-vulnerability.html"}],"reference":"CERTA-2012-AVI-132","revisions":[{"description":"version initiale.","revision_date":"2012-03-12T00:00:00.000000"}],"risks":[{"description":"Injection de code indirecte \u00e0 distance"},{"description":"Injection SQL"}],"summary":"Des vuln\u00e9rabilit\u00e9s dans <span class=\"textit\">Joomla!</span> permettent\nde r\u00e9aliser diverses injections.\n","title":"Vuln\u00e9rabilit\u00e9s dans Joomla!","vendor_advisories":[{"published_at":null,"title":"Bulletins de s\u00e9curit\u00e9 Joomla! du 05 mars 2012","url":null}]}