Drupal · Redhen · CVE-2016-1913
**Name of the Vulnerable Software and Affected Versions**
Redhen module versions prior to 7.x-1.11
**Description**
The issue allows remote authenticated users with certain access to inject arbitrary web script or HTML via unspecified vectors, related to individual contacts, notes, or engagement scores.
**Recommendations**
For versions prior to 7.x-1.11, update to version 7.x-1.11 or later to resolve the issue.