Cross-site scripting (XSS) vulnerability in the Ajax Table module 5.x for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

The Ajax Table module 5.x for Drupal does not perform access control, which allows remote attackers to delete arbitrary users and nodes via unspecified vectors.