CVE-2013-1887

Name of the Vulnerable Software and Affected Versions Drupal Views module versions 7.x-3.x before 7.x-3.6

Description The issue allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via certain view configuration fields. This is due to multiple cross-site scripting (XSS) vulnerabilities in the Views module.

Recommendations For versions prior to 7.x-3.6, update to version 7.x-3.6 or later to resolve the issue.