Drupal Avatar Uploader version 7.x-1.0-beta8 suffers from a cross site scripting vulnerability. Continue reading...