CVE-2012-2075
CVE-2012-2075 is a Cross-Site Scripting vulnerability in the Drupal Contributed module Contact Save (6.x-1.x) prior to version 6.x-1.5 . The issue arises because the module does not sufficiently filter user-submitted text, allowing a remote authenticated user with the access site-wide contact for...