Front end editing fails in Joomla 3.3.4 upgraded from 3.3.3
I have 2 sites in Joomla 3.3.4 upgraded from 3.3.3
Both have issues with front end editing in both 3.3.3 and 3.3.4
This is weird.
Could this work as an exploit vulnerability??
PHP Built On
Linux
Database Version
5.5.37-cll
Database Collation
utf8_general_ci
PHP Version
5.4.32
Web Server
LiteSpeed
WebServer to PHP Interface
litespeed
Joomla! Version
Joomla! 3.3.4 Stable [ Ember ] 23-September-2014 14:00 GMT
Joomla! Platform Version
Joomla Platform 13.1.0 Stable [ Curiosity ] 24-Apr-2013 00:00 GMT
User Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:32.0) Gecko/20100101 Firefox/32.0
and;
Allows text editor but the "save" button is a dead link and fails. "Cancel" button works ok.
Setting
Value
PHP Built On
Darwin local
Database Version
5.5.38
Database Collation
utf8_general_ci
PHP Version
5.5.14
Web Server
Apache/2.2.26 (Unix) mod_fastcgi/2.4.6 mod_wsgi/3.4 Python/2.7.6 PHP/5.5.14 mod_ssl/2.2.26 OpenSSL/0.9.8y DAV/2 mod_perl/2.0.8 Perl/v5.18.2
WebServer to PHP Interface
apache2handler
Joomla! Version
Joomla! 3.3.4 Stable [ Ember ] 23-September-2014 14:00 GMT
Joomla! Platform Version
Joomla Platform 13.1.0 Stable [ Curiosity ] 24-Apr-2013 00:00 GMT
User Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:32.0) Gecko/20100101 Firefox/32.0
I did not alter permissions on either.
Back end editing works of course or I would not have been able to develop.
Both using using Protostar Template.
Not sure if it is a bug or I'm missing something?
@Wakinya i cant reproduce this using a clean 3.3.4 (upgrade from 3.3.3) Maybe a bug in some other issues here?
disallows front end login by super admin and says:" Error You are not authorised to view this resource."
Please check the login redirect on the login module / login site (module or menu itm)
It shows the "edit icon" . When I click it takes me to back end Module Manager: Module Custom HTML> Image Custom -HTML page.
This is expected a feature to do this in the Frontend will come with 3.4
Could this work as an exploit vulnerability??
No you can do this only if you login with an authorized user. And if you only logged in in FE you need also login into the Backend.
@Wakinya please check here. (The missing buttons in the Backend will fixed with 3.3.5 or #4331)
Status | New | ⇒ | Closed - Unconfirmed Report |
Set to "closed" on behalf of @vdespa by The JTracker Application at issues.joomla.org/joomla-cms/4389
Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2014-10-02 15:53:36 |
Thank you.
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/4389.
Labels |
Added:
?
|
hi,
@Wakinya this could be a side affect by the ACL Bug in 3.3.4 please test this Fix: #4331