4 matches found
CVE-2025-12083 CivicTheme Design System - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-113
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal CivicTheme Design System allows Cross-Site Scripting XSS.This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...
CVE-2025-12082
Summary of CVE-2025-12082 : Affected software is the Drupal CivicTheme Design System. The root cause is an incorrect authorization check that enables forceful browsing. This vulnerability allows disclosure of information via UI components (cards) that render content the user should not access. Im...
Drupal CivicTheme Design System module < 1.12.0 - Unauthenticated Sensitive Data Exposure vulnerability
Unauthenticated Sensitive Data Exposure vulnerability discovered by Lee Rowlands larowlan in WordPress Module CivicTheme Design System versions 1.12.0...
CVE-2022-2061
Heap-based Buffer Overflow in GitHub repository hpjansson/chafa prior to 1.12.0...