Ubuntu Security Notice 1026-1 - It was discovered that Python Paste did not properly sanitize certain strings, resulting in cross-site scripting (XSS) vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.
31267294aa4741768e640b48e59f9c9c592675a288b7328f05e47d2b1f19d61e