CVE-2012-1060

Name of the Vulnerable Software and Affected Versions Revisioning module versions 6.x-3.13 and earlier

Description The issue allows remote authenticated users with certain privileges to inject arbitrary web script or HTML. This can be achieved via the tags or term parameters.

Recommendations For Revisioning module versions 6.x-3.13 and earlier, update to version 6.x-3.14 or later to resolve the issue.