Debian Security Advisory 1774-1 - It was discovered that ejabberd, a distributed, fault-tolerant Jabber/XMPP server, does not sufficiently sanitise MUC logs, allowing remote attackers to perform cross-site scripting (XSS) attacks.
2565b30c1941de7daad6848ebfdd5a37be2d8ebdd8d9a78a4ab8141c8830833a