Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2026/05/28 10:50 p.m.12 views

CVE-2026-6816 TFA Basic Plugins - Access Bypass

An access bypass vulnerability in Drupal TFA Basic Plugins allows users with the administer users permission to view or generate recovery codes for other users. This issue affects TFA Basic Plugins: from 7.x-1.0 through 7.x-1.2...

5.1CVSS5.8AI score0.00321EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/05/21 9:48 p.m.33 views

CVE-2026-4929 Simple Hierarchical Select (Drupal 7) XSS in term-derived output

Simple Hierarchical Select SHS for Drupal 7 contains cross-site scripting risk due to improper output escaping of term-derived text. Confirmed affected paths include field formatter output shsfieldformatterview and term-tree child-term data generation shstermgetchildren. Malicious taxonomy term...

5.1CVSS0.00205EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/01/14 6:40 p.m.25 views

CVE-2025-14557 XSS in Drupal 7 Facebook Pixel Module

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Drupal Facebook Pixel facebookpixel allows Stored XSS.This issue affects Facebook Pixel: from 7.X-1.0 through 7.X-1.1...

4.8CVSS0.00188EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/11/06 12:0 a.m.6 views

PT-2024-10484 · Drupal · Drupal Basic Http Authentication

Name of the Vulnerable Software and Affected Versions: Drupal Basic HTTP Authentication versions 7.X-1.0 through 7.X-1.3 Drupal Basic HTTP Authentication versions prior to 7.X-1.4 Description: The issue is related to insufficient authorization mechanisms in the Basic HTTP Authentication module of...

7.5CVSS7.4AI score0.00311EPSS
Exploits0References5
Rows per page
Query Builder