Spatz4000

**Name of the Vulnerable Software and Affected Versions** Drupal versions prior to 4.7, with the Recipe module version prior to 1.54 **Description** A cross-site scripting issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is due to an unspecified vector in the Recipe module. **Recommendations** For Drupal versions prior to 4.7, with the Recipe module version prior to 1.54, update the Recipe module to version 1.54 or later.