GHSA-H72Q-CQ3W-H3WC Drupal CivicTheme Design System allows Cross-Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal CivicTheme Design System allows Cross-Site Scripting XSS. This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...

EUVD-2025-36880

Drupal JSON Field is vulnerable to XSS...

EUVD-2025-36879

Drupal Plausible tracking is vulnerable to XSS...

EUVD-2025-36875

Drupal Reverse Proxy Header allows Manipulating User-Controlled Variables...

EUVD-2025-36878

Drupal Access code allows Brute Force Attempts...

EUVD-2025-36874

Drupal CivicTheme Design System allows Forceful Browsing...

EUVD-2025-36876

Drupal Currency allows Cross Site Request Forgery...

GHSA-27FV-RPGJ-4C6M Drupal Currency allows Cross Site Request Forgery

Cross-Site Request Forgery CSRF vulnerability in Drupal Currency allows Cross Site Request Forgery. This issue affects Currency: from 0.0.0 before 3.5.0...

GHSA-27MC-9399-R9MX Drupal Access code allows Brute Force Attempts

Improper Restriction of Excessive Authentication Attempts vulnerability in Drupal Access code allows Brute Force. This issue affects Access code: from 0.0.0 before 2.0.5...

GHSA-M3F2-XJGC-2WP2 Drupal JSON Field is vulnerable to XSS

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal JSON Field allows Cross-Site Scripting XSS. This issue affects JSON Field: from 0.0.0 before 1.5...

EUVD-2025-36877

Drupal Umami Analytics allows Cross-Site Scripting XSS...

GHSA-PR6M-QWRR-MRW9 Drupal Plausible tracking is vulnerable to XSS

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Plausible tracking allows Cross-Site Scripting XSS. This issue affects Plausible tracking: from 0.0.0 before 1.0.2...

GHSA-JXP8-4JW5-5XJC Drupal Umami Analytics allows Cross-Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Umami Analytics allows Cross-Site Scripting XSS. This issue affects Umami Analytics: from 0.0.0 before 1.0.1...

Drupal Currency allows Cross Site Request Forgery

Cross-Site Request Forgery CSRF vulnerability in Drupal Currency allows Cross Site Request Forgery. This issue affects Currency: from 0.0.0 before 3.5.0...

Drupal Umami Analytics allows Cross-Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Umami Analytics allows Cross-Site Scripting XSS. This issue affects Umami Analytics: from 0.0.0 before 1.0.1...

Drupal JSON Field is vulnerable to XSS

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal JSON Field allows Cross-Site Scripting XSS. This issue affects JSON Field: from 0.0.0 before 1.5...

GHSA-QXR9-F877-9842 Drupal CivicTheme Design System allows Forceful Browsing

Incorrect Authorization vulnerability in Drupal CivicTheme Design System allows Forceful Browsing. This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...

Drupal Plausible tracking is vulnerable to XSS

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Plausible tracking allows Cross-Site Scripting XSS. This issue affects Plausible tracking: from 0.0.0 before 1.0.2...

Drupal Access code allows Brute Force Attempts

Improper Restriction of Excessive Authentication Attempts vulnerability in Drupal Access code allows Brute Force. This issue affects Access code: from 0.0.0 before 2.0.5...

Drupal Reverse Proxy Header allows Manipulating User-Controlled Variables

Improper Validation of Consistency within Input vulnerability in Drupal Reverse Proxy Header allows Manipulating User-Controlled Variables. This issue affects Reverse Proxy Header: from 0.0.0 before 1.1.2...