SA-CONTRIB-2009-055 - BUEditor - Cross Site Scripting
The BUEditor module provides a plain textarea editor designed to facilitate code writing. The module suffers from a Cross Site Scripting XSS vulnerability, which allows an attacker to hijack the account of a logged in user by tricking them into visiting a seemingly innocent page using the Live...