ROCKETTHEME IS CLOSING ON JUNE 30, 2025. As a thank-you to our community, enjoy 50% off all themes with the promo code THANKYOU before we shut down.
Read our Farewell Blog Post for more details.
Module Chromes
-
-
- malmerl
- Hero Rocketeer
- Posts: 398
- Thanks: 2
-
HI
with the new joomla update.... are your templates all ok with
Module Chromes (CVE-2018-6380)
This patch is fixing a longstanding issue with the module Chrome where the module_tag parameter in the system and Protostar template lack escaping which could lead to a XSS attack. This issue is fixed in Joomla 3.8.4 but only for the core templates. Please contact your template provider so they can check the corresponding module Chromes.
I use admin tools pro as well. is there a setting that also helps with this?
thanks
-
-
-
- MrT
- Preeminent Rocketeer
- Posts: 101084
- Thanks: 13484
- Web Designer/Developer
-
No, as Joomla only released this yesterday we have not made those changes to our templates. In any case, Joomla marked it as low-priority so it's not really a severe vulnerability. We will look into this more shortly - we have yet to take a decision what we will be doing.
Regards, Mark. - Please search forums before posting. Please make sure your post includes the version of the CMS you are using and a link to the problem. Annotations on screenshots can also be helpful to explain problems/goals. Please use the "secure" tab for confidential information.
-
Time to create page: 0.055 seconds