Debian Linux Security Advisory 2512-1 - Marcus Meissner discovered that the web server included in Mono performed insufficient sanitizing of requests, resulting in cross-site scripting.
dd9f44430c3792f55cfd3b79094cd29f9db03840ccee1c6521b22f3081775a29