Drupal · Refine By Taxonomy · CVE-2008-7150
**Name of the Vulnerable Software and Affected Versions**
Refine by Taxonomy versions prior to 5.x-0.1
**Description**
A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML via a taxonomy term. This occurs because the term is not properly handled by refine by taxo when displaying tags.
**Recommendations**
For versions prior to 5.x-0.1, update to version 5.x-0.1 or later to resolve the issue.