A reflected XSS vulnerability exists in the LivingWord component for Joomla.
mlwebtechnologies livingword