CVE-2009-1047

Name of the Vulnerable Software and Affected Versions Drupal module "Printer, e-mail and PDF versions" versions 5.x before 5.x-4.4 Drupal module "Printer, e-mail and PDF versions" versions 6.x before 6.x-1.4

Description A cross-site scripting (XSS) issue exists in the Send by e-mail module, allowing remote attackers to inject arbitrary web script or HTML via vectors involving outbound HTML e-mail.

Recommendations For versions 5.x before 5.x-4.4, update to version 5.x-4.4 or later. For versions 6.x before 6.x-1.4, update to version 6.x-1.4 or later.