Grendzy

**Name of the Vulnerable Software and Affected Versions** Drupal Biblio module versions 5.x through 5.x-1.17 Drupal Biblio module versions 6.x through 6.x-1.9 **Description** A cross-site scripting (XSS) issue exists, allowing remote authenticated users with "administer biblio" privileges to inject arbitrary web script or HTML. This can be achieved via unspecified vectors. **Recommendations** For versions 5.x through 5.x-1.17, update to a version later than 5.x-1.17 to resolve the issue. For versions 6.x through 6.x-1.9, update to a version later than 6.x-1.9 to resolve the issue.