Bengtan

**Name of the Vulnerable Software and Affected Versions** Strongarm module versions prior to 6.x-1.1 **Description** A cross-site scripting (XSS) issue exists in the settings page of the Strongarm module for Drupal, allowing remote attackers to inject arbitrary web script or HTML via the `value` field when viewing overridden variables. **Recommendations** For versions prior to 6.x-1.1, update to version 6.x-1.1 or later to resolve the issue.