Workflow - Moderately critical - Cross Site Scripting - SA-CONTRIB-2019-049
The Workflow module enables you to create arbitrary Workflows, and assign them to Entities. The module doesn't sufficiently escape HTML in the field settings leading to a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker must have a role with the...