CVE-2013-1906
The vulnerability CVE-2013-1906 affects the Drupal Rules module (7.x-2.x) prior to 7.x-2.3. It is a persistent XSS flaw caused by unsanitized rule tags displayed to users. Exploitation requires an attacker with the Drupal role/permission to administer rules and can inject arbitrary script/HTML vi...