CVE-2014-9498
The Drupal Webform Invitation module (7.x-1.x before 7.x-1.3 and 7.x-2.x before 7.x-2.4) is affected by an XSS vulnerability due to insufficient sanitization of node titles. Exploitation requires an attacker to have one of the Webform-related permissions: Webform: Create new content, Webform: Edi...