CVE-2016-1565
An XSS vulnerability (CVE-2016-1565) affects the Drupal Field Group module for Drupal 7.x: versions prior to 7.x-1.5; remote authenticated users with permission to configure field display settings can inject script/HTML via an element attribute. Drupal core is not affected. Remediation: upgrade F...