CVE-2014-100034
Cross-site scripting (XSS) vulnerability in the frontend interface in LicensePal ArcticDesk before 1.2.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Date published : 2015-01-13
http://www.arcticdesk.com/support/announcements/arcticdesk-v1-2-5-maintenance-release-18.html