Crypt Server before 3.3.0 allows XSS in the index view. This is related to serial, computername, and username.