Contact form security

Discussion regarding Joomla! 1.5 security issues.
Joomla! Vulnerable Extensions: http://feeds.joomla.org/JoomlaSecurityV ... Extensions

Moderator: General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
Locked
User avatar
rsphaeroides
Joomla! Ace
Joomla! Ace
Posts: 1369
Joined: Sun Aug 21, 2005 2:57 pm
Location: Colorado, USA
Contact:

Contact form security

Post by rsphaeroides » Sun Feb 24, 2008 10:31 pm

Is there any sort of protection against injection or other e-mail security issues on the Contact component?

Also are there suggested standard entries for the "Banned E-mail", "Banned Subject", and/or "Banned Text" fields to improve security?

Edit [forgot to mention I'm specifically interested in 1.5.1]
Last edited by rsphaeroides on Thu Feb 28, 2008 4:07 pm, edited 1 time in total.
¡Pura Vida!
Ray,
joomla in testing at Costa Rica Travel: http://costaricamap.net
http://costa-rica-guide.com

User avatar
RussW
Joomla! Exemplar
Joomla! Exemplar
Posts: 9352
Joined: Sun Oct 22, 2006 4:42 am
Location: Sunshine Coast, Queensland, Australia
Contact:

Re: Contact form security

Post by RussW » Tue Feb 26, 2008 5:37 am

Standard Joomla! data input mechanisms are employed through the contact form, IE: html/script entity scrubbing and sanitation, SQL injection sanitation.
Joomla! on the fabulous Sunshine Coast...
hotmango, web & print http://www.hotmango.me/
The Styleguyz https://www.thestyleguyz.com/


Locked

Return to “Security in Joomla! 1.5”