Debian Linux Security Advisory 1947-1 – Matt Elder discovered that Shibboleth, a federated web single sign-on system is vulnerable to script injection through redirection URLs.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/83541/dsa-1947-1.txt
Source: https://packetstormsecurity.com/files/83541/Debian-Linux-Security-Advisory-1947-1.html