CVE-2008-4149

Name of the Vulnerable Software and Affected Versions Greg Holsclaw Link to Us module versions 5.x before 5.x-1.1

Description The issue is related to a cross-site scripting (XSS) vulnerability. This allows remote authenticated users to inject arbitrary web script or HTML via the Link page header field.

Recommendations For versions prior to 5.x-1.1, update to version 5.x-1.1 or later to resolve the issue.