My Hostingprovider sends me a message that there is a xss Vulnerability? ([Joomla] XSS in Joomla change) in mega_etanol/html/com_contact/category/default_items.php
mega_etanol/html/com_contact/featured/default_items.php

what can i do? is there a patch?

Can you tell me more detail about those files ? What's is the problem ?

Regards

they don't give more details... only that i have to fix it. i will ask if they can give more information.

the answer that i got:

The problem is not literally in the template, but the template saves files in folders / files that are part of Joomla. In the folders / files where they are stored are leaks. As it a template, the files will be used where the template is stored. Because the leaks are here the scan recognizes it as vulnerability. The cause of the problem lies in Joomla itself in combination with the storage location of certain files from the template.

my hosting gave me this link:

developer.joomla.org/security/352-201106...s-vulnerability.html

can i just delete the files in com_contact? or do you have a update?
/templates/mega_etanol/html/com_contact/category/default_items.php
/templates/mega_etanol/html/com_contact/featured/default_items.php

Yes, you can delete these files. It's not problem with template.

Regards