Secunia Security Advisory - Some vulnerabilities have been reported in the Bubbletimer module for Drupal, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site request forgery attacks, and by malicious users to conduct script insertion attacks.
6c587d4dcf3097c24bf96d481ddc2c9ee3ede67e765669b067c04e5f90fc1693