The “Smart related articles” extension 1.1 for Joomla! has XSS in dialog.php (n_art,type in GET Method).