CVE-2014-9362

Name of the Vulnerable Software and Affected Versions Drupal Meta tags quick module versions 7.x-2.x before 7.x-2.8

Description A cross-site scripting (XSS) issue exists in the path-based meta tag editing form, allowing remote authenticated users with the "Edit path based meta tags" permission to inject arbitrary web script or HTML. This is related to deleting a Path-based Metatag.

Recommendations For versions 7.x-2.x before 7.x-2.8, update to version 7.x-2.8 or later to resolve the issue. As a temporary workaround, consider restricting the "Edit path based meta tags" permission to minimize the risk of exploitation.