GHSA-5QRQ-9645-G5G2 ethyca-fides has a DOM-based XSS vulnerability in fides.js via fides_description override

Summary fides.js is the script that renders Fides's consent banner on customer websites. It lets the embedding page override the banner's description text at runtime via a URL query parameter, a JavaScript global, or a cookie. On sites that have opted into HTML-formatted descriptions, the...

PT-2025-47747

Missing Authorization vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent gdpr-cookie-consent allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through = 4.0.3...

CVE-2025-62920

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webnique USERCENTRICS CMP usercentrics-consent-management-platform allows Stored XSS.This issue affects USERCENTRICS CMP: from n/a through = 1.0.9...

EUVD-2025-36020

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webnique USERCENTRICS CMP usercentrics-consent-management-platform allows Stored XSS.This issue affects USERCENTRICS CMP: from n/a through = 1.0.9...

CVE-2025-62920

CVE-2025-62920 is a cross-site scripting (stored XSS) vulnerability in the WordPress plugin USERCENTRICS CMP (versions

EUVD-2025-18289

Malicious code in bioql PyPI...

EUVD-2025-25037

Malicious code in bioql PyPI...

EUVD-2025-18288

Malicious code in bioql PyPI...

EUVD-2025-19188

Malicious code in bioql PyPI...

CVE-2025-8092

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal COOKiES Consent Management allows Cross-Site Scripting XSS.This issue affects COOKiES Consent Management: from 0.0.0 before 1.2.16...

CVE-2025-8092

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal COOKiES Consent Management allows Cross-Site Scripting XSS.This issue affects COOKiES Consent Management: from 0.0.0 before 1.2.16...

CVE-2025-8092

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal COOKiES Consent Management allows Cross-Site Scripting XSS.This issue affects COOKiES Consent Management: from 0.0.0 before 1.2.16...

CVE-2025-8092

CVE-2025-8092 FFECT: Drupal COOKiES Consent Management before 1.2.16 is vulnerable to a Cross-site Scripting (XSS) flaw in the COOKiES video submodule due to improper input neutralization during web page generation. Affected versions: 0.0.0 up to

CVE-2025-8092 COOKiES Consent Management - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-092

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal COOKiES Consent Management allows Cross-Site Scripting XSS.This issue affects COOKiES Consent Management: from 0.0.0 before 1.2.16...

Drupal COOKiES Consent Management 安全漏洞

Drupal COOKiES Consent Management is a module plugin in the Drupal content management system for the Drupal community. A security vulnerability exists in Drupal COOKiES Consent Management versions prior to 1.2.16 that stems from improper input neutralization and could lead to a cross-site scripti...

Drupal COOKiES Consent Management module < 1.2.16 - Authenticated Cross Site Scripting (XSS) vulnerability

Authenticated Cross Site Scripting XSS vulnerability discovered by Pierre Rudloff prudloff in WordPress Module COOKiES Consent Management versions 1.2.16...

COOKiES Consent Management - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-092

This module allows you to manage video media items using the COOKiES module disabling external video elements. These elements will be enabled again, once the COOKiES banner is accepted. The module doesn't sufficiently check whether to convert "data-src" attributes to "src" when their value might...

PT-2025-30615 · Drupal · Cookies Consent Management

Name of the Vulnerable Software and Affected Versions: Drupal COOKiES Consent Management versions prior to 1.2.16 Description: A Cross-Site Scripting XSS issue exists in Drupal COOKiES Consent Management. This affects versions using the COOKiES Video submodule. Recommendations: Update to version...

CVE-2025-5682

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Klaro Cookie & Consent Management allows Cross-Site Scripting XSS.This issue affects Klaro Cookie & Consent Management: from 0.0.0 before 3.0.7...

CVE-2025-5682 Klaro Cookie & Consent Management - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-080

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Klaro Cookie & Consent Management allows Cross-Site Scripting XSS.This issue affects Klaro Cookie & Consent Management: from 0.0.0 before 3.0.7...