Project: Select (or other)
Security risk: *Moderately critical* 14∕25
Vulnerability: Cross Site Scripting
This module enables users to select 'other' on certain form elements and a
textfield appears for the user to provide a custom value.
The module doesn't sufficiently escape values of a text field the under the
scenario when "Select or other" formatter is used.