SA-CONTRIB-2010-106 - Comment Edited - Cross Site Scripting

The Comment Edited module displays a customizable message at the bottom of a comment when it has been edited. The module does not sanitize some of the user-supplied data before displaying it, leading to a Cross Site Scripting XSS vulnerability that may lead to a malicious user gaining full...