CVE-2012-2308

Name of the Vulnerable Software and Affected Versions Drupal Taxonomy Grid : Catalog module versions 6.x-1.6 and earlier

Description A cross-site scripting (XSS) issue exists, allowing remote authenticated users with specific permissions to inject arbitrary web script or HTML.

Recommendations For versions 6.x-1.6 and earlier, update to a version later than 6.x-1.6 to resolve the issue.