drupal-avatar-xss: Drupal Avatar Uploader - Cross-Site Scripting

Drupal Avatar Uploader v7.x-1.0-beta8 plugin contains a cross-site scripting vulnerability in the slider import search feature and tab parameter via plugin settings.