Joomla! HTTP header cross-site scripting vulnerability-vulnerability warning-the black bar safety net

From the green Alliance:no commercial use indicate in advance Joomla! Is an open source content management system CMS to. Joomla! Not properly filter the user in the HTTP request the the submission of the HTTPREFERER variable, a remote attacker can submit a malicious request to inject JavaScript ...

Update Protection against Joomla! HTTP Header Script Injection

Joomla! is a content management system CMS designed for building Web sites and online applications. Joomla! fails to parse HTTP headers, allowing an attacker to inject JavaScript or DHTML code that can be executed in the context of a target user browser...