CVE-2014-9500

CVE-2014-9500 affects the Moip module for Drupal 7.x (versions prior to 7.x-1.4). The vulnerability is a cross-site scripting (XSS) flaw caused by insufficient filtering of data in automatic notifications, allowing remote attackers to inject arbitrary script or HTML via the notification page call...