SA-CONTRIB-2014-021 - Maestro - Cross Site Scripting (XSS)
The Maestro module enables you to create complex workflows, automating business processes. The module doesn't sufficiently filter Role or Organic Group names when displaying them in the workflow details. This vulnerability is mitigated by the fact that an attacker must have a role with the...