EUVD-2024-51452

Malicious code in bioql PyPI...

The vulnerability of Typogrify, a Drupal CMS system, relates to the lack of measures taken to protect the website structure. This allows attackers to carry out XSS attacks.

The vulnerability of Typogrify, a module within the Drupal CMS system, is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows an attacker to carry out XSS attacks remotely...

CVE-2024-13238

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Typogrify allows Cross-Site Scripting XSS.This issue affects Typogrify: from 0.0.0 before 1.3.0...

CVE-2024-13238

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Typogrify allows Cross-Site Scripting XSS.This issue affects Typogrify: from 0.0.0 before 1.3.0...

CVE-2024-13238 Typogrify - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-002

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Typogrify allows Cross-Site Scripting XSS.This issue affects Typogrify: from 0.0.0 before 1.3.0...

CVE-2024-13238

The Drupal Typogrify module contains a persistent XSS when the Twig filter is used in a template, allowing bypass of Twig auto-escape. Root cause: improper input handling in web page generation. Affected: Typogrify up to version 1.3.0 (pre-1.3.0). Mitigation: upgrade to 1.3.0 or apply the provide...

CVE-2024-13238 Typogrify - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-002

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Typogrify allows Cross-Site Scripting XSS.This issue affects Typogrify: from 0.0.0 before 1.3.0...

Drupal 安全漏洞

Drupal is an open source content management system developed in the PHP language by the Drupal community. A security vulnerability exists in Drupal Typogrify prior to version 1.3.0, which stems from improper input neutralization during web page generation, resulting in a cross-site scripting...

DRUPAL-CONTRIB-2024-002

The Typogrify module brings the typographic refinements of Typogrify to Drupal. It provides a text filter and a Twig filter. The typogrify Twig filter can be used to bypass the Twig auto-escape feature, leading to a persistent Cross Site Scripting XSS vulnerability. This vulnerability is mitigate...

PT-2024-10075 · Typogrify · Typogrify

Name of the Vulnerable Software and Affected Versions: Typogrify versions 0.0.0 through 1.3.0 Description: The issue is related to improper neutralization of input during web page generation, which allows for Cross-Site Scripting XSS. This can be exploited by a remote attacker to conduct an XSS...

Typogrify - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-002

The Typogrify module brings the typographic refinements of Typogrify to Drupal. It provides a text filter and a Twig filter. The typogrify Twig filter can be used to bypass the Twig auto-escape feature, leading to a persistent Cross Site Scripting XSS vulnerability. This vulnerability is mitigate...