2 matches found
DRUPAL-CONTRIB-2025-069
This module integrates Drupal with LightGallery, enabling the use of the LightGallery library with any image field or view. The module does not adequately sanitize user input in the image field’s "alt" attribute, potentially allowing cross-site scripting XSS attacks when tags or scripts are...
DRUPAL-CONTRIB-2018-008
This module enables you to show referenced entities in tabs. The module doesn't sufficiently sanitize the body fields of the referenced entities when it prints them to the tabs. This vulnerability is mitigated by the fact that an attacker must have a role with the permission create/edit content o...