Launchpad.net

CVE 2009-0934

Cross-site scripting (XSS) vulnerability in ejabberd before 2.0.4 allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to links and MUC logs.

See the CVE page on Mitre.org for more details.

References