CVE-2015-6919 Information

Description

Cross-site scripting (XSS) vulnerability in the googleSearch (CSE) (com_googlesearch_cse) component 3.0.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the q parameter to index.php.

Reference

http://packetstormsecurity.com/files/133375/Joomla-GoogleSearch-CSE-3.0.2-Cross-Site-Scripting.html