CVE-2016-5061 (aternity)

Multiple cross-site scripting (XSS) vulnerabilities in the web server in Aternity 9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) HTTPAgent, (2) MacAgent, (3) getExternalURL, or (4) retrieveTrustedUrl page.

Source: CVE-2016-5061 (aternity)