CVE-2012-2712

Name of the Vulnerable Software and Affected Versions Drupal Search API module versions 7.x-1.x before 7.x-1.1

Description The issue allows remote attackers to inject arbitrary web script or HTML via vectors related to thrown exceptions and logging errors in the Search API module for Drupal, specifically when supporting manual entry of field identifiers.

Recommendations For versions prior to 7.x-1.1, update to version 7.x-1.1 or later to resolve the issue.