Zen Library [zen], 1.0.2, XSS (Cross Site Scripting)

Extension includes vulnerable JS library prettyPhoto

Fixed in version 1.0.3 (part of JB Library 2.1.6)

Update note: https://twitter.com/joomlabamboo/status/612793666474655744 

please contact the developer for more information.