CVE-2012-1646

The CVE-2012-1646 vulnerability affects the Drupal FAQ module (6.x-1.x prior to 6.x-1.13 and 7.x-1.x-rc1). The root cause is lack of input sanitization in the module when displaying user-supplied content, allowing XSS via the title parameter in faq.admin.inc and the detailed_question parameter in...