11 matches found
CVE-2025-11570
Versions of the package drupal-pattern-lab/unified-twig-extensions from 0.0.0 are vulnerable to Cross-site Scripting XSS due to insufficient filtering of data. Note: This is exploitable only if the code is executed outside of Drupal; the function is intended to be shared between Drupal and Patter...
EUVD-2025-33657
drupal-pattern-lab/unified-twig-extensions is vulnerable to XXS...
GHSA-64MV-9655-37HX drupal-pattern-lab/unified-twig-extensions is vulnerable to XXS
Versions of the package drupal-pattern-lab/unified-twig-extensions from 0.0.0 are vulnerable to Cross-site Scripting XSS due to insufficient filtering of data. Note: This is exploitable only if the code is executed outside of Drupal; the function is intended to be shared between Drupal and Patter...
CVE-2025-11570
Versions of the package drupal-pattern-lab/unified-twig-extensions from 0.0.0 are vulnerable to Cross-site Scripting XSS due to insufficient filtering of data. Note: This is exploitable only if the code is executed outside of Drupal; the function is intended to be shared between Drupal and Patter...
CVE-2025-11570
Versions of the package drupal-pattern-lab/unified-twig-extensions from 0.0.0 are vulnerable to Cross-site Scripting XSS due to insufficient filtering of data. Note: This is exploitable only if the code is executed outside of Drupal; the function is intended to be shared between Drupal and Patter...
CVE-2025-11570
CVE-2025-11570 affects the package drupal-pattern-lab/unified-twig-extensions (versions around 0.0.0; unmaintained) with a Cross-site Scripting (XSS) vulnerability caused by insufficient data filtering. Multiple sources (NVD, Red Hat CVE page, GitHub advisory, OSV, EUVD, CNNVD, SNYK) converge on ...
CVE-2025-11570
Versions of the package drupal-pattern-lab/unified-twig-extensions from 0.0.0 are vulnerable to Cross-site Scripting XSS due to insufficient filtering of data. Note: This is exploitable only if the code is executed outside of Drupal; the function is intended to be shared between Drupal and Patter...
CVE-2025-11570
Versions of the package drupal-pattern-lab/unified-twig-extensions from 0.0.0 are vulnerable to Cross-site Scripting XSS due to insufficient filtering of data. Note: This is exploitable only if the code is executed outside of Drupal; the function is intended to be shared between Drupal and Patter...
PT-2025-41502
Name of the Vulnerable Software and Affected Versions drupal-pattern-lab/unified-twig-extensions versions 0.0.0 through 1.1.0 Description The package contains a Cross-site Scripting XSS issue because of inadequate data filtering. This is only exploitable when the code runs outside of Drupal, as t...
Drupal Unified Twig Extensions 安全漏洞
Drupal Unified Twig Extensions is a plugin for the Drupal community. A security vulnerability exists in Drupal Unified Twig Extensions that stems from insufficient data filtering and could lead to a cross-site scripting attack...
Unified Twig Extensions - Moderately critical - Cross Site Scripting - SA-CONTRIB-2023-041
This module makes PatternLab's custom Twig functions available to Drupal theming. The module's included examples don't sufficiently filter data. This vulnerability is mitigated by the fact that the included examples must have been copied to a site's theme...