CVE-2009-2937

Cross-site scripting (XSS) vulnerability in Planet 2.0 and Planet Venus allows remote attackers to inject arbitrary web script or HTML via the SRC attribute of an IMG element in a feed.

Date published : 2009-09-18

http://www.securityfocus.com/bid/36392

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=546178