Launchpad.net

CVE 2011-0004

Multiple cross-site scripting (XSS) vulnerabilities in Piwik before 1.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

See the CVE page on Mitre.org for more details.