CVE-2013-4507
Cross-site scripting (XSS) vulnerability in CollectiveAccess Providence and Pawtucket before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Date published : 2013-11-19
http://www.collectiveaccess.org/news/collectiveaccess-version-1-3-1-released