CVE-2014-3863
CVE-2014-3863 is a stored XSS in the Joomla extension JChatSocial (before 2.3). The vulnerability allows remote attackers to inject arbitrary script via the filename parameter in a file upload in an active JChat chat window. Affected versions are 2.2 and lower; vendor fixed the issue within hours...