Zzolo

**Name of the Vulnerable Software and Affected Versions** Drupal versions prior to 5.x-1.0 Drupal versions prior to 6.x-1.2 **Description** A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is related to vectors involving administration and redirect pages. **Recommendations** For versions prior to 5.x-1.0, update to version 5.x-1.0 or later. For versions prior to 6.x-1.2, update to version 6.x-1.2 or later.