CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2024-51518

Malicious code in bioql PyPI...

4.8CVSS6.6AI score0.00228EPSS

Exploits0References1

BDU FSTEC•added 2025/01/14 12:0 a.m.•8 views

The vulnerability of the Entity Form Steps module in the Drupal CMS system, related to the lack of protective measures for website structures, allows attackers to perform cross-site scripting attacks.

The vulnerability of the Entity Form Steps module in the Drupal CMS system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

5.5CVSS5.2AI score0.00228EPSS

Exploits0References3Affected Software1

OSV•added 2025/01/09 9:15 p.m.•3 views

CVE-2024-13305

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Entity Form Steps allows Cross-Site Scripting XSS.This issue affects Entity Form Steps: from 0.0.0 before 1.1.4...

4.8CVSS5.8AI score0.00228EPSS

Exploits0References1

NVD•added 2025/01/09 9:15 p.m.•5 views

CVE-2024-13305

4.8CVSS0.00228EPSS

Exploits0References1

Cvelist•added 2025/01/09 8:25 p.m.•15 views

CVE-2024-13305 Entity Form Steps - Moderately critical - Cross site scripting - SA-CONTRIB-2024-071

0.00228EPSS

Exploits0References1

Vulnrichment•added 2025/01/09 8:25 p.m.•6 views

CVE-2024-13305 Entity Form Steps - Moderately critical - Cross site scripting - SA-CONTRIB-2024-071

6.4AI score0.00228EPSS

Exploits0References1

CVE•added 2025/01/09 8:25 p.m.•53 views

CVE-2024-13305

The CVE-2024-13305 entry concerns the Drupal Entity Form Steps module, with the affected range: 0.0.0 through 1.1.3. The root cause is improper neutralization of input during web page generation, enabling Cross-Site Scripting (XSS). The vulnerability is tied to the Entity Form Steps functionality...

4.8CVSS6.6AI score0.00228EPSS

Exploits0References1Affected Software1

CNNVD•added 2025/01/09 12:0 a.m.•3 views

Drupal 安全漏洞

Drupal is an open source content management system developed in the PHP language by the Drupal community. A security vulnerability exists in Drupal Entity Form Steps prior to version 1.1.4, which stems from improper input neutralization during page generation, resulting in a cross-site scripting...

4.8CVSS6.1AI score0.00228EPSS

Exploits0References2

Positive Technologies•added 2024/12/04 12:0 a.m.•3 views

PT-2024-10087 · Drupal · Drupal Entity Form Steps

Name of the Vulnerable Software and Affected Versions: Drupal Entity Form Steps versions 0.0.0 through 1.1.3 Description: The issue is related to improper neutralization of input during web page generation, allowing for Cross-Site Scripting XSS attacks. This can enable a remote attacker to conduc...

5.5CVSS5.7AI score0.00228EPSS

Exploits0References7