Project: Joomla! SubProject: All Severity: Low Versions: 1.6.1 and 1.6.0 Exploit type: XSS Vulnerabilities Reported Date: 2011-April-06 Fixed Date: 2011-April-14 Description Unescaped values in administrative modal windows causes potential XSS vulnerabilities. Affected Installs Joomla! version 1.6.1 and 1.6.0 versions Solution Upgrade to the latest Joomla! version (1.6.2 or later) Reported by Klas Berlič Contact The JSST at the Joomla! Security Center .
See the rest here:
[20110404] – Core – XSS Vulnerabilities