FreeBSD 57DF803E-AF34-11E2-8D62-6CF0490A8C18
Apr 24, 2013 - 12:00 a.m.

Joomla! -- XSS and DDoS vulnerabilities

2013-04-24 00:00:00
vuxml.freebsd.org

CVSS2: 5.5 Medium
Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
AV:N/AC:L/Au:S/C:N/I:P/A:P

EPSS: 0.037 Low
Percentile: 91.7%

The JSST and the Joomla! Security Center report:

[20130405] - Core - XSS Vulnerability
Inadequate filtering leads to XSS vulnerability in Voting plugin.

[20130403] - Core - XSS Vulnerability
Inadequate filtering allows possibility of XSS exploit in some
circumstances.

[20130402] - Core - Information Disclosure
Inadequate permission checking allows unauthorised user to see
permission settings in some circumstances.

[20130404] - Core - XSS Vulnerability
Use of old version of Flash-based file uploader leads to XSS
vulnerability.

[20130401] - Core - Privilege Escalation
Inadequate permission checking allows unauthorised user to delete
private messages.

[20130406] - Core - DOS Vulnerability
Object unserialize method leads to possible denial of service
vulnerability.

[20130407] - Core - XSS Vulnerability
Inadequate filtering leads to XSS vulnerability in highlighter
plugin.

OS       Version  Architecture  Package  Version   Filename
FreeBSD  any      noarch        joomla   = 2.0.*   UNKNOWN
FreeBSD  any      noarch        joomla   < 2.5.10  UNKNOWN
