CVE-2009-1942

Name of the Vulnerable Software and Affected Versions: Drupal Quiz module versions 5.x, 6.x-2.x before 6.x-2.2, 6.x-3.x before 6.x-3.0

Description: A cross-site scripting (XSS) issue allows remote authenticated users with access to create quizzes or quiz questions to inject arbitrary web script or HTML. This could potentially lead to unauthorized actions on the website.

Recommendations: For versions 5.x, update to a version outside of this range to mitigate the risk. For versions 6.x-2.x before 6.x-2.2, update to version 6.x-2.2 or later. For versions 6.x-3.x before 6.x-3.0, update to version 6.x-3.0 or later.