CVE-2016-2163
Cross-site scripting (XSS) vulnerability in Apache OpenMeetings before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the event description when creating an event.
Date published : 2016-04-11
http://www.securityfocus.com/archive/1/537888/100/0/threaded