Debian Security Advisory 1066-1 - It was discovered that phpbb2, a web based bulletin board, does insufficiently sanitize values passed to the "Font Colour 3" setting, which might lead to the execution of injected code by admin users.
26b3194ce79c5ecacaff8a5d1cc1eb91b6bd6d8cf30771d6931218a1efce7284