See SA-CONTRIB-2015-053 - Entity API - Cross Site Scripting (XSS)
Changes since 7.x-1.5:
Changes Since 7.x-1.1
See SA-CONTRIB-2015-054 - SMS Framework - Cross Site Scripting (XSS).
Security update, not other changes. See SA-CONTRIB-2015-052 - RESTful Web Services - Access Bypass
This includes a fix for a moderately critical security vulnerability. You can learn more in the security advisory:
SA-CONTRIB-2015-047 - Panopoly Magic - Cross Site Scripting (XSS).
Changes since 7.x-1.16:
Drupal is a registered trademark of Dries Buytaert.