Drupal Simplenews third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability…. Drupal Simplenews third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.

Read more http://packetstormsecurity.com/files/123660/DRUPAL-SA-CONTRIB-2013-080.txt