Aaron Siegel discovered that the web interface of cups, the Common UNIX Printing System, is prone to cross-site scripting attacks. For the stable distribution , this problem has been fixed in version 1.3.8-1+lenny7. For the oldstable distribution , this problem has been fixed in version 1.2.7-4+etch9. For the testing distribution and the unstable distribution , this problem will be fixed soon. We recommend that you upgrade your cups packages.