CVE-2014-8078

Name of the Vulnerable Software and Affected Versions Drupal versions 6.x-1.x before 6.x-1.19 Drupal versions 7.x-1.x before 7.x-1.3 Drupal versions 7.x-2.x before 7.x-2.0

Description A cross-site scripting (XSS) issue exists in the Print module for Drupal, allowing remote authenticated users with specific permissions to inject arbitrary web script or HTML via vectors related to nodes.

Recommendations For versions 6.x-1.x before 6.x-1.19, update to version 6.x-1.19 or later. For versions 7.x-1.x before 7.x-1.3, update to version 7.x-1.3 or later. For versions 7.x-2.x before 7.x-2.0, update to version 7.x-2.0 or later.