CVE-2013-4447
The CVE-2013-4447 entry concerns a Cross‑Site Scripting (XSS) flaw in the Drupal Simplenews module API. Affected are Drupal 6.x-1.x lines prior to 6.x-1.5 and Drupal 7.x-1.x lines prior to 7.x-1.1, where an attacker could inject arbitrary scripts or HTML via an email address parameter. The vulner...