Multiple cross-site scripting (XSS) vulnerabilities in the ShareThis module 7.x-2.x before 7.x-2.5 for Drupal allow remote authenticated users with the โadminister sharethisโ permission to inject arbitrary web script or HTML via unspecified vectors related to โJavaScript settings.โ