6 matches found
CVE-2025-7715
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Block Attributes allows Cross-Site Scripting XSS.This issue affects Block Attributes: from 0.0.0 before 1.1.0, from 2.0.0 before 2.0.1...
CVE-2025-7715 Block Attributes - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-090
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Block Attributes allows Cross-Site Scripting XSS.This issue affects Block Attributes: from 0.0.0 before 1.1.0, from 2.0.0 before 2.0.1...
CVE-2025-7715
The CVE-2025-7715 entry corresponds to a Drupal Block Attributes XSS vulnerability in the Contrib module. Affected versions are block attributes before 1.1.0 and before 2.0.1 (i.e., 0.0.0–1.0.9 and 2.0.0). Root cause is improper neutralization of input during web page generation, enabling Cross-S...
CVE-2025-7715 Block Attributes - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-090
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Block Attributes allows Cross-Site Scripting XSS.This issue affects Block Attributes: from 0.0.0 before 1.1.0, from 2.0.0 before 2.0.1...
Drupal Block Attributes 安全漏洞
Drupal Block Attributes is a configuration interface plugin for the Drupal community. A security vulnerability exists in Drupal Block Attributes versions prior to 1.1.0 and prior to 2.0.1, which stems from improper input neutralization during page generation and could lead to a cross-site scripti...
PT-2025-30310 · Drupal · Drupal Block Attributes
Name of the Vulnerable Software and Affected Versions: Drupal Block Attributes versions 0.0.0 through 1.0.9 Drupal Block Attributes versions 2.0.0 through 2.0.0 Description: A flaw exists in Drupal Block Attributes that allows for Cross-Site Scripting XSS. This issue is due to improper...