13921 matches found
GHSA-8H7R-J823-HW2Q vulnerabilities
Vulnerabilities for packages: drupal...
CVE-2012-2339 vulnerabilities
Vulnerabilities for packages: drupal...
GHSA-9XFG-6WHQ-QVGM vulnerabilities
Vulnerabilities for packages: drupal...
GHSA-H4QQ-2J4V-765M vulnerabilities
Vulnerabilities for packages: drupal...
GHSA-HGF8-PV4W-P39V vulnerabilities
Vulnerabilities for packages: drupal...
GHSA-JQ75-2M55-F6CV vulnerabilities
Vulnerabilities for packages: drupal...
CVE-2009-1047 vulnerabilities
Vulnerabilities for packages: drupal...
CVE-2025-14557
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Drupal Facebook Pixel facebookpixel allows Stored XSS.This issue affects Facebook Pixel: from 7.X-1.0 through 7.X-1.1...
CVE-2025-14556
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Drupal Flag allows Cross-Site Scripting XSS.This issue affects Flag: from 7.X-3.0 through 7.X-3.9...
CVE-2025-14556
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Drupal Flag allows Cross-Site Scripting XSS.This issue affects Flag: from 7.X-3.0 through 7.X-3.9...
CVE-2025-14557
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Drupal Facebook Pixel facebookpixel allows Stored XSS.This issue affects Facebook Pixel: from 7.X-1.0 through 7.X-1.1...
CVE-2025-14557
CVE-2025-14557 affects Drupal Facebook Pixel module (facebook_pixel) with stored XSS due to improper input neutralization during page generation. Affected versions are 7.X-1.0 through 7.X-1.1. The vulnerability can allow malicious script injection via input fields rendered on generated pages, as ...
CVE-2025-14557
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Drupal Facebook Pixel facebookpixel allows Stored XSS.This issue affects Facebook Pixel: from 7.X-1.0 through 7.X-1.1...
CVE-2025-14557 XSS in Drupal 7 Facebook Pixel Module
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Drupal Facebook Pixel facebookpixel allows Stored XSS.This issue affects Facebook Pixel: from 7.X-1.0 through 7.X-1.1...
CVE-2025-14557 XSS in Drupal 7 Facebook Pixel Module
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Drupal Facebook Pixel facebookpixel allows Stored XSS.This issue affects Facebook Pixel: from 7.X-1.0 through 7.X-1.1...
CVE-2025-14556
CVE-2025-14556 is an XSS in the Drupal Flag module. Affected: Drupal Flag versions 7.X-3.0 through 7.X-3.9 . Root cause: improper neutralization of input during web page generation . Impact: Cross-Site Scripting (XSS) vulnerability; attacker could inject scripts when users view pages. Exploitatio...
CVE-2025-14556
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Drupal Flag allows Cross-Site Scripting XSS.This issue affects Flag: from 7.X-3.0 through 7.X-3.9...
CVE-2025-14556 XSS in Drupal 7 Flag Module
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Drupal Flag allows Cross-Site Scripting XSS.This issue affects Flag: from 7.X-3.0 through 7.X-3.9...
CVE-2025-14556 XSS in Drupal 7 Flag Module
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Drupal Flag allows Cross-Site Scripting XSS.This issue affects Flag: from 7.X-3.0 through 7.X-3.9...
DRUPAL-CONTRIB-2026-005
This module enables Drupal sites to authenticate users via Microsoft Entra ID formerly Azure AD using OAuth 2.0. The module doesn't sufficiently validate API responses from Microsoft allowing complete account takeover of any user, including site administrators, without requiring any credentials o...