SA-CONTRIB-2014-018 - Webform - Cross Site Scripting (XSS)
This release of Webform 4.x fixes a large number of bugs and addresses an XSS security vulnerability. Beta2 introduces a new feature to preview submissions before submitting them in multipage forms. Upgrading is recommended for all users of Webform 4.x.
In addition to the news page and sub-tabs, all security announcements are posted to an email list. To subscribe to email: log in, go to your user profile page and subscribe to the security newsletter on the Edit » My newsletters tab.