CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
Percentile
99.7%
The Content Analysis module is an API designed to help modules that need to analyze content.
The module fails to sanitize user input in log messages, leading to a Cross Site Scripting (XSS) vulnerability.
This vulnerability is mitigated by the fact that only sites with dblog module enabled are affected.
Drupal core is not affected. If you do not use the contributed Content Analysis module,
there is nothing you need to do.
Install the latest version:
Also see the Content Analysis project page.