Smart Trim - Moderately critical - Cross site scripting - SA-CONTRIB-2019-092

Project: Smart TrimVersion: 8.x-1.18.x-1.08.x-1.0-beta1Date: 2019-December-11Security risk: Moderately critical 13∕25 AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:DefaultVulnerability: Cross site scriptingDescription: The Smart Trim module allows site builders additional control with text summary fields.
The module doesn't sufficiently filter text when certain options are selected.
This vulnerability is mitigated by the fact that an attacker must have a role with the ability to create content on the site when certain options are selected for the trimmed output.Solution: Install the latest version:

Also see the Smart Trim project page.Reported By: 

Fixed By: 

Coordinated By: 

Path to article https://www.drupal.org/sa-contrib-2019-092