Cross-site scripting (XSS) vulnerability in gmap.php in the Almond Classifieds (com_aclassf) component 7.5 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the addr parameter.Referenceshttp://secunia.com/advisories/35998http://www.osvdb.org/56561http://www.exploit-db.com/exploits/9258
