Launchpad.net

CVE 2014-4165

Cross-site scripting (XSS) vulnerability in ntop allows remote attackers to inject arbitrary web script or HTML via the title parameter in a list action to plugins/rrdPlugin.

See the CVE page on Mitre.org for more details.