<excerpt>The Flag module contains several cross site scripting vulnerabilities because it does not properly sanitize output of role names before display</excerpt>. The Flag module also contains cross site scripting vulnerabilities because it fails to properly sanitize content type names. Additionally the Flag module contains a SQL injection vulnerability because it does not properly sanitize variables before concatenating them into a SQL query.

-</p>

Make your website safer. Use external penetration testing (http://www.beyondsecurity.com/penetration-testing.html) service. First report ready in one hour!</p>

**Hidden Content: Check the thread to see hidden data.**