CVE-2012-2725
The CVE-2012-2725 issue affects the Drupal Authoring HTML module (6.x-1.x) prior to 6.x-1.1. It arises from improper validation of sources against the host whitelist in WhitelistedExternalFilter.php, allowing remote authenticated users to bypass access controls and perform cross-site scripting (X...