If you're on linux, that is. If you can come up with something unique about the injected link that might be in the code, grep for that. Usually then you can trace it back to where it's getting called.
Sometimes, find the unique searchable value is the problem, though. If the link itself is pulled in dynamically (like from a database), for example, that doesn't really work. Maybe a class on the anchor tag, or a unique wrapper around it, or something like that.
I don't know how your CMS works--is that an option for you? BTW, I'd done extensive development on 3 CMS's, and worked with two others. Currently using TeamSite, but I've also used Plone and Vignette, and had brief interactions with BroadVision and Drupal.