J. Carlos Nieto wrote:
There exists a Cross Site Scripting security hole in Joomla 1.0.13.
Sorry, it should be "Cross Site Request Forgery".