Mandriva Linux Security Advisory 2014-091 - Cross-site scripting vulnerability in scheduler/client.c in Common Unix Printing System before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function.
30e6eecea2171318dfc6d73daaf29f6095de61cbaccd933c3e50786079a68415