This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects Joomla JCE Component Security Bypass and Cross-Site Scripting Vulnerabilities
JCE is a component for the Joomla! content manager.
The component is prone to a the following security vulnerabilities:
1. A cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input to
the 'search' parameter of the 'administrator/index.php' script.
2. A security-bypass vulnerability occurs due to an error in the 'components/com_jce/editor/extensions/browser/file.php' script.
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
JCE 2.1.0 is vulnerable; other versions may also be affected.