JB Library, 2.1.5 and below, XSS (Cross Site Scripting)
Extension includes vulnerable JS library prettyPhoto
Fixed in version 2.1.6
Update notice: https://twitter.com/joomlabamboo/status/612793666474655744
please contact the developer for more information.