CVE-2014-3933
The CVE-2014-3933 entry concerns Drupal's AddressField Tokens module (7.x-1.x) with a vulnerability in the address components field formatter that allows XSS by remote authenticated users. Affected versions are 7.x-1.x prior to 7.x-1.4. The root cause is improper filtering of address field values...