The IT Dashboard is a website enabling federal agencies, industry, the general public and other stakeholders to view details of federal information technology investments.

Input passed to the "value" POST parameter in /sites/all/modules/contrib/datatables/dataTables/m
edia/examples_support/editable_ajax.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

Details