Cross-site scripting (XSS) vulnerability in the Resource Manager in the MEE submodule (mee.module) in the Scald module 6.x-1.x before 6.x-1.0-beta3 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via the atom title, a different vector than CVE-2013-4174.
https://exchange.xforce.ibmcloud.com/vulnerabilities/85964
https://drupal.org/node/2049415
https://drupal.org/node/2049239
http://www.securityfocus.com/bid/61426
http://secunia.com/advisories/54144