SECUNIA ADVISORY ID:
Customer Area (Credentials Required)
A vulnerability has been reported in the SocialAds component for
Joomla, which can be exploited by malicious users to conduct script
Input passed via the "addata[ad_body]" parameter to index.php (when
"option" is set to "com_socialads", "view" is set to "buildad", and
"Itemid" is set to a valid value) when creating an advertisement is
not properly sanitised before being used. This can be exploited to
insert arbitrary HTML and script code, which will be executed in a
user's browser session in context of an affected site when the
malicious data is being viewed.
The vulnerability is reported in versions prior to 1.0.1.
Update to version 1.0.1.
PROVIDED AND/OR DISCOVERED BY: