Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

13 matches found

EUVD
EUVDadded 2025/10/30 12:31 a.m.2 views

EUVD-2025-36877

Drupal Umami Analytics allows Cross-Site Scripting XSS...

3.8CVSS5.5AI score0.00031EPSS
Exploits0References2
OSV
OSVadded 2025/10/30 12:31 a.m.3 views

GHSA-JXP8-4JW5-5XJC Drupal Umami Analytics allows Cross-Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Umami Analytics allows Cross-Site Scripting XSS. This issue affects Umami Analytics: from 0.0.0 before 1.0.1...

3.8CVSS5.9AI score0.00031EPSS
Exploits0References2
Github Security Blog
Github Security Blogadded 2025/10/30 12:31 a.m.6 views

Drupal Umami Analytics allows Cross-Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Umami Analytics allows Cross-Site Scripting XSS. This issue affects Umami Analytics: from 0.0.0 before 1.0.1...

3.8CVSS5.9AI score0.00031EPSS
Exploits0References3Affected Software1
NVD
NVDadded 2025/10/30 12:15 a.m.3 views

CVE-2025-10931

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Umami Analytics allows Cross-Site Scripting XSS.This issue affects Umami Analytics: from 0.0.0 before 1.0.1...

3.8CVSS0.00031EPSS
Exploits0References1
OSV
OSVadded 2025/10/30 12:15 a.m.0 views

CVE-2025-10931

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Umami Analytics allows Cross-Site Scripting XSS.This issue affects Umami Analytics: from 0.0.0 before 1.0.1...

3.8CVSS5.8AI score
Exploits0References1
CNNVD
CNNVDadded 2025/10/30 12:0 a.m.2 views

Drupal Umami Analytics 安全漏洞

Drupal Umami Analytics is a web statistics plugin for the Drupal community. A security vulnerability exists in Drupal Umami Analytics versions prior to 1.0.1, which stems from improper input neutralization during page generation and could lead to a cross-site scripting attack...

3.8CVSS5.9AI score0.00031EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/10/29 11:13 p.m.2 views

CVE-2025-10931 Umami Analytics - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-109

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Umami Analytics allows Cross-Site Scripting XSS.This issue affects Umami Analytics: from 0.0.0 before 1.0.1...

5.5AI score0.00031EPSS
Exploits0References1
CVE
CVEadded 2025/10/29 11:13 p.m.6 views

CVE-2025-10931

CVE-2025-10931 corresponds to a Cross-Site Scripting (XSS) vulnerability in Drupal Umami Analytics. The connected sources confirm the flaw arises from improper neutralization of input during web page generation and affects Umami Analytics versions prior to 1.0.1 (e.g., 0.0.0 up to before 1.0.1). ...

3.8CVSS5.5AI score0.00031EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2025/10/29 11:13 p.m.6 views

CVE-2025-10931 Umami Analytics - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-109

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Umami Analytics allows Cross-Site Scripting XSS.This issue affects Umami Analytics: from 0.0.0 before 1.0.1...

0.00031EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/10/29 12:0 a.m.3 views

PT-2025-44359

Name of the Vulnerable Software and Affected Versions Drupal Umami Analytics versions prior to 1.0.1 Description A flaw exists in Drupal Umami Analytics that allows for Cross-Site Scripting XSS. This issue arises from improper neutralization of input during web page generation. The vulnerability...

3.8CVSS5.8AI score0.00031EPSS
Exploits0References5
OSV
OSVadded 2025/09/24 5:27 p.m.2 views

DRUPAL-CONTRIB-2025-109

This module enables you to add Umami Analytics web statistics tracking system to your website. The "administer umami analytics" permission allows inserting an arbitrary JavaScript file on every page. While this is an expected feature, the permission lacks the "restrict access" flag, which should...

3.8CVSS5.8AI score0.00031EPSS
Exploits0References1
Drupal
Drupaladded 2025/09/24 12:0 a.m.5 views

Umami Analytics - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-109

This module enables you to add Umami Analytics web statistics tracking system to your website. The "administer umami analytics" permission allows inserting an arbitrary JavaScript file on every page. While this is an expected feature, the permission lacks the "restrict access" flag, which should...

3.8CVSS5.4AI score0.00031EPSS
Exploits0References3
Patchstack
Patchstackadded 2025/09/24 12:0 a.m.1 views

Drupal Umami Analytics module < 1.0.1 - Authenticated Cross Site Scripting (XSS) vulnerability

Authenticated Cross Site Scripting XSS vulnerability discovered by Pierre Rudloff prudloff in WordPress Module Umami Analytics versions 1.0.1...

3.8CVSS6.1AI score0.00031EPSS
Exploits0Affected Software1
Rows per page
Query Builder