Debian Linux Security Advisory 2651-1 - A cross-site scripting vulnerability was discovered in smokeping, a latency logging and graphing system. Input passed to the "displaymode" parameter was not properly sanitized. An attacker could use this flaw to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.
904d86718938baf33fc8ef37007e11d16fda5e3dfeea69e30ca4ab280e6357b3