EUVD-2025-33790

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Facets allows Cross-Site Scripting XSS.This issue affects Facets: from 0.0.0 before 2.0.10, from 3.0.0 before 3.0.1...

EUVD-2025-33791

Missing Authorization vulnerability in Drupal Facets allows Forceful Browsing.This issue affects Facets: from 0.0.0 before 2.0.10, from 3.0.0 before 3.0.1...

CVE-2025-9550

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Facets allows Cross-Site Scripting XSS.This issue affects Facets: from 0.0.0 before 2.0.10, from 3.0.0 before 3.0.1...

CVE-2025-9549

Missing Authorization vulnerability in Drupal Facets allows Forceful Browsing.This issue affects Facets: from 0.0.0 before 2.0.10, from 3.0.0 before 3.0.1...

CVE-2025-9549

Missing Authorization vulnerability in Drupal Facets allows Forceful Browsing.This issue affects Facets: from 0.0.0 before 2.0.10, from 3.0.0 before 3.0.1...

CVE-2025-9550

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Facets allows Cross-Site Scripting XSS.This issue affects Facets: from 0.0.0 before 2.0.10, from 3.0.0 before 3.0.1...

CVE-2025-9550 Facets - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-100

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Facets allows Cross-Site Scripting XSS.This issue affects Facets: from 0.0.0 before 2.0.10, from 3.0.0 before 3.0.1...

CVE-2025-9550 Facets - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-100

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Facets allows Cross-Site Scripting XSS.This issue affects Facets: from 0.0.0 before 2.0.10, from 3.0.0 before 3.0.1...

CVE-2025-9550

CVE-2025-9550 : Drupal Facets has an improper neutralization of input during web page generation, allowing Cross-Site Scripting (XSS). Affected are Drupal Facets versions before 2.0.10 and before 3.0.1. Remediation is to upgrade to Facets 2.0.10+ or 3.0.1+. The CVSS 3.1 base score is 6.1 (MEDIUM)...

CVE-2025-9549 Facets - Moderately critical - Information Disclosure - SA-CONTRIB-2025-099

Missing Authorization vulnerability in Drupal Facets allows Forceful Browsing.This issue affects Facets: from 0.0.0 before 2.0.10, from 3.0.0 before 3.0.1...

CVE-2025-9549

Drupal Facets is affected by a Missing Authorization vulnerability enabling forceful browsing in certain older versions. Affected ranges are Facets 0.0.0 through 2.0.9 and 3.0.0 through 3.0.0; the issue is fixed by upgrading to 2.0.10+ or 3.0.1+. No exploitation details are provided in the source...

CVE-2025-9549 Facets - Moderately critical - Information Disclosure - SA-CONTRIB-2025-099

Missing Authorization vulnerability in Drupal Facets allows Forceful Browsing.This issue affects Facets: from 0.0.0 before 2.0.10, from 3.0.0 before 3.0.1...

Drupal Facets 安全漏洞

Drupal Facets is a browser plugin for the Drupal community. A security vulnerability exists in Drupal Facets version 0.0.0 up to and including version 2.0.10 and version 3.0.0 up to and including version 3.0.1, which stems from a lack of authorization and could lead to a forced browsing attack...

PT-2025-41617

Name of the Vulnerable Software and Affected Versions Drupal Facets versions 0.0.0 through 2.0.9 Drupal Facets versions 3.0.0 through 3.0.0 Description A missing authorization issue exists in Drupal Facets, potentially allowing forceful browsing. The issue relates to insufficient access controls...

PT-2025-41618

Name of the Vulnerable Software and Affected Versions Drupal Facets versions prior to 2.0.10 Drupal Facets versions prior to 3.0.1 Description A flaw exists in Drupal Facets that allows for Cross-Site Scripting XSS. This occurs due to improper neutralization of input during web page generation. T...

Drupal Facets 安全漏洞

Drupal Facets is a browser plugin for the Drupal community. A security vulnerability exists in Drupal Facets versions 0.0.0 through 2.0.10 and 3.0.0 through 3.0.1, which stems from improper input neutralization during web page generation and could lead to a cross-site scripting attack...

Drupal Facets module < 2.0.10,3.0.0 - Unauthenticated Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure vulnerability discovered by Damien McKenna damienmckenna in WordPress Module Facets versions 2.0.10,3.0.0...

Drupal Facets module < 2.0.10,3.0.0 - Authenticated Cross Site Scripting (XSS) vulnerability

Authenticated Cross Site Scripting XSS vulnerability discovered by Pierre Rudloff prudloff in WordPress Module Facets versions 2.0.10,3.0.0...

CVE-2024-13283

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Facets allows Cross-Site Scripting XSS.This issue affects Facets: from 0.0.0 before 2.0.9...

CVE-2024-13283

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Facets allows Cross-Site Scripting XSS.This issue affects Facets: from 0.0.0 before 2.0.9...