SA-CONTRIB-2012-014 - Drupal Commerce - Cross Site Scripting (XSS)

CVE: CVE-2012-1639 Drupal Commerce is a flexible eCommerce framework built on Drupal 7 that lets you construct any type of eCommerce website. Part of its flexibility lies in its ability to render product fields into node displays through the product reference field used to build dynamic Add to Ca...