Ubuntu Security Notice 1250-1 - It was discovered that a cross-site scripting (XSS) vulnerability in the Adium theme allows remote attackers to inject arbitrary javascript or HTML via a crafted nickname in XMPP group conversations.
bb596737256bf1498dc4e8ab2deb23600bef32b7a1deac28b628191754cadc06