CVE-2012-1659

Name of the Vulnerable Software and Affected Versions Node Recommendation module versions prior to 6.x-1.1 for Drupal

Description The issue is related to a cross-site scripting (XSS) vulnerability. This allows remote authenticated users with certain permissions to inject arbitrary web script or HTML.

Recommendations For versions prior to 6.x-1.1, update to version 6.x-1.1 or later to resolve the issue.