CVE-2025-12083

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal CivicTheme Design System allows Cross-Site Scripting XSS.This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...

Drupal CivicTheme Design System allows Cross-Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal CivicTheme Design System allows Cross-Site Scripting XSS. This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...

EUVD-2025-36873

Drupal CivicTheme Design System allows Cross-Site Scripting XSS...

GHSA-H72Q-CQ3W-H3WC Drupal CivicTheme Design System allows Cross-Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal CivicTheme Design System allows Cross-Site Scripting XSS. This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...

Drupal CivicTheme Design System allows Forceful Browsing

Incorrect Authorization vulnerability in Drupal CivicTheme Design System allows Forceful Browsing. This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...

GHSA-QXR9-F877-9842 Drupal CivicTheme Design System allows Forceful Browsing

Incorrect Authorization vulnerability in Drupal CivicTheme Design System allows Forceful Browsing. This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...

EUVD-2025-36874

Drupal CivicTheme Design System allows Forceful Browsing...

CVE-2025-12083

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal CivicTheme Design System allows Cross-Site Scripting XSS.This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...

CVE-2025-12082

Incorrect Authorization vulnerability in Drupal CivicTheme Design System allows Forceful Browsing.This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...

CVE-2025-12083

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal CivicTheme Design System allows Cross-Site Scripting XSS.This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...

CVE-2025-12082

Incorrect Authorization vulnerability in Drupal CivicTheme Design System allows Forceful Browsing.This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...

Drupal CivicTheme Design System 安全漏洞

Drupal CivicTheme Design System is a theme design plugin for the Drupal community. A security vulnerability exists in Drupal CivicTheme Design System versions prior to 1.12.0, which stems from improper input neutralization during page generation and could lead to a cross-site scripting attack...

Drupal CivicTheme Design System 安全漏洞

Drupal CivicTheme Design System is a theme design plugin for the Drupal community. A security vulnerability exists in Drupal CivicTheme Design System versions prior to 1.12.0 that stems from improper authorization and could lead to a forced browsing attack...

CVE-2025-12083 CivicTheme Design System - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-113

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal CivicTheme Design System allows Cross-Site Scripting XSS.This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...

CVE-2025-12083 CivicTheme Design System - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-113

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal CivicTheme Design System allows Cross-Site Scripting XSS.This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...

CVE-2025-12083

The CVE-2025-12083 entry concerns Drupal CivicTheme Design System prior to 1.12.0. The root cause is improper neutralization of input during web page generation, enabling Cross-Site Scripting (XSS). Affected component: CivicTheme Design System (Twig rendering paths) with input not adequately sani...

CVE-2025-12082 CivicTheme Design System - Moderately critical - Information disclosure - SA-CONTRIB-2025-112

Incorrect Authorization vulnerability in Drupal CivicTheme Design System allows Forceful Browsing.This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...

CVE-2025-12082

Summary of CVE-2025-12082 : Affected software is the Drupal CivicTheme Design System. The root cause is an incorrect authorization check that enables forceful browsing. This vulnerability allows disclosure of information via UI components (cards) that render content the user should not access. Im...

CVE-2025-12082 CivicTheme Design System - Moderately critical - Information disclosure - SA-CONTRIB-2025-112

Incorrect Authorization vulnerability in Drupal CivicTheme Design System allows Forceful Browsing.This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...

PT-2025-44361

Name of the Vulnerable Software and Affected Versions Drupal CivicTheme Design System versions prior to 1.12.0 Description A flaw exists in the CivicTheme Design System that allows for Cross-Site Scripting XSS. This occurs due to improper neutralization of input during web page generation. The...