Joomla versions 1.5.19 and below suffer from cross site scripting vulnerabilities.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/92031/oCERT-2010-002.txt
Source: https://packetstormsecurity.com/files/92031/Open-Source-CERT-Security-Advisory-2010.2.html