Debian Security Advisory 1569-1 - It was discovered that Cacti, a systems and services monitoring frontend, performed insufficient input sanitizing, leading to cross site scripting and SQL injection being possible.
a15748a6e26762a361015640d77f7b3ebb8ef1199a358015d04400e2751b1fda