Take a look at: http://developer.joomla.org/security/news/368-20110902-core-xss-vulnerability Please remove masked affect version and bump the new
*** This bug has been marked as a duplicate of bug 386169 ***