CVE-2011-5187

Name of the Vulnerable Software and Affected Versions Drupal Support Ticketing System module versions 6.x-1.x before 6.x-1.7

Description A cross-site scripting (XSS) issue exists in the Support Ticketing System module for Drupal, allowing remote authenticated users with the "administer support projects" permission to inject arbitrary web script or HTML.

Recommendations For versions prior to 6.x-1.7, update to version 6.x-1.7 or later to resolve the issue.