Debian Security Advisory 1692-1 - It was discovered that php-xajax, a library to develop Ajax applications, did not sufficiently sanitise URLs, which allows attackers to perform cross-site scripting attacks by using malicious URLs.
e579e6c82f811a87f7cbda7ba962fa5c3eb3c2050a6366f673195b25f7bb70f3