The Zoomify module integrates the Zoomify Flash applet into Drupal which can be used to pan and zoom on large images. Images are first preprocessed in order for Zoomify to work. The module fails to sanitize a value in the node title, leading to a Cross Site Scripting (XSS) vulnerability.
Drupal core is not affected. If you do not use the contributed Zoomify module, there is nothing you need to do.
Upgrade to the latest version: