Joomla! 3.0.x through 3.0.2 allows attackers to obtain sensitive information via unspecified vectors related to an "Undefined variable."
https://exchange.xforce.ibmcloud.com/vulnerabilities/81926
http://developer.joomla.org/security/news/549-20130202-core-information-disclosure.html