Form Builder - Less critical - Cross Site Scripting
Project
Date
Severity
Less Critical
Affected versions
≤ 7.x-1.22, ≤ 7.x-2.0-alpha8
The Form Builder module provides an interface for editing and configuring forms. The module doesn't sufficiently sanitize JSON data, allowing persistent Cross Site Scripting (XSS) attacks.