2 matches found
CVE-2026-6365 Drupal core - Critical - Cross-site scripting - SA-CORE-2026-001
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal core allows Cross-Site Scripting XSS. This issue affects Drupal core: from 8.0.0 before 10.5.9, from 10.6.0 before 10.6.7, from 11.0.0 before 11.2.11, from 11.3.0 before 11.3.7...
CVE-2026-6365
CVE-2026-6365 is an XSS vulnerability in Drupal core caused by improper neutralization of input during web page generation. Affects Drupal core versions: 8.0.0–before 10.5.9, 10.6.0–before 10.6.7, 11.0.0–before 11.2.11, 11.3.0–before 11.3.7. The issue relates to Drupal core’s jQuery integration f...