Privatemsg

* Advisory ID: DRUPAL-SA-CONTRIB-2010-080
* Project: Privatemsg (third-party module)
* Version: 6.x
* Date: 2010-August-11
* Security risk: Moderately critical
* Exploitable from: Remote
* Vulnerability: Cross-Site Scripting