CVE-2014-9505
CVE-2014-9505 is a Cross-Site Scripting (XSS) vulnerability in the Drupal School Administration module (7.x-1.x) before 7.x-1.8. The issue arises because node titles are not properly sanitized, allowing remote authenticated users with permission to create or edit a class node to inject arbitrary ...