7 matches found
CVE-2020-13672
Cross-site Scripting XSS vulnerability in Drupal core's sanitization API fails to properly filter cross-site scripting under certain circumstances. This issue affects: Drupal Core 9.1.x versions prior to 9.1.7; 9.0.x versions prior to 9.0.12; 8.9.x versions prior to 8.9.14; 7.x versions prior to...
CVE-2020-13672
Cross-site Scripting XSS vulnerability in Drupal core's sanitization API fails to properly filter cross-site scripting under certain circumstances. This issue affects: Drupal Core 9.1.x versions prior to 9.1.7; 9.0.x versions prior to 9.0.12; 8.9.x versions prior to 8.9.14; 7.x versions prior to...
CVE-2020-13672
Cross-site Scripting XSS vulnerability in Drupal core's sanitization API fails to properly filter cross-site scripting under certain circumstances. This issue affects: Drupal Core 9.1.x versions prior to 9.1.7; 9.0.x versions prior to 9.0.12; 8.9.x versions prior to 8.9.14; 7.x versions prior to...
CVE-2020-13672
Cross-site Scripting XSS vulnerability in Drupal core's sanitization API fails to properly filter cross-site scripting under certain circumstances. This issue affects: Drupal Core 9.1.x versions prior to 9.1.7; 9.0.x versions prior to 9.0.12; 8.9.x versions prior to 8.9.14; 7.x versions prior to...
CVE-2020-13672
Removed by vendor...
CVE-2020-13672
CVE-2020-13672 is a Drupal core Cross-site Scripting (XSS) issue in the sanitization API. The exposure affects Drupal Core versions: 9.1.x before 9.1.7; 9.0.x before 9.0.12; 8.9.x before 8.9.14; and 7.x before 7.80. The root cause is insufficient filtering of certain scripts during sanitization, ...
Drupal 7.x, 8.x, 9.x XSS Vulnerability (SA-CORE-2021-002) - Linux
Drupal is prone to a cross-site scripting XSS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...