CVE-2013-1393

Name of the Vulnerable Software and Affected Versions Drupal CurvyCorners module versions 6.x-1.x through 7.x-1.x

Description A cross-site scripting (XSS) issue exists, allowing remote authenticated users with the administer curvycorners permission to inject arbitrary web script or HTML.

Recommendations For versions 6.x-1.x through 7.x-1.x, consider disabling the CurvyCorners module until a patch is available to prevent exploitation.