Project: 
Date: 
2019-February-27
Vulnerability: 
Cross site scripting
Description: 

This module enables you to manage contextual conditions and reactions for different portions of your site.

The module doesn't sufficiently sanitize user output when displayed leading to a Cross Site Scripting (XSS) vulnerability.

This vulnerability is mitigated by the fact that an attacker must have the ability to store malicious markup in the site (e.g. permission to create a node with a field that accepts "filtered html").

Solution: 

Install the latest version:

Also see the Context project page.

Reported By: 
Fixed By: 
Coordinated By: