CVE-2013-5315

Name of the Vulnerable Software and Affected Versions Scald module versions 6.x-1.x before 6.x-1.0-beta3 Scald module versions 7.x-1.x before 7.x-1.1

Description A cross-site scripting (XSS) issue exists in the Resource Manager of the MEE submodule in the Scald module for Drupal, allowing remote attackers to inject arbitrary web script or HTML via the atom title.

Recommendations For Scald module version 6.x-1.x, update to version 6.x-1.0-beta3 or later. For Scald module version 7.x-1.x, update to version 7.x-1.1 or later.