CVE-2014-1456
Cross-site scripting (XSS) vulnerability in the login page in Open Web Analytics (OWA) before 1.5.6 allows remote attackers to inject arbitrary web script or HTML via the owa_user_id parameter to index.php.
Date published : 2014-02-28
http://www.securityfocus.com/bid/65571