Drupal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2009-3479

Cross-site scripting (XSS) vulnerability in Bibliography (Biblio) 5.x before 5.x-1.17 and 6.x before 6.x-1.6 a module for Drupal allows remote attackers with quotcreate content displayed by the Bibliography modulequot permissions to inject arbitrary web script or HTML via a title.