Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Drupal
Drupaladded 2025/06/25 12:0 a.m.6 views

CKEditor5 Youtube - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-081

The CKEditor5 Youtube module enhances content creation in Drupal by seamlessly integrating YouTube video embedding into the CKEditor 5 text editor. The module doesn't sufficiently validate iframe sources under the scenario where a user embeds a video using the CKEditor YouTube integration leading...

6.1CVSS5.6AI score0.00182EPSS
Exploits0References1
OSV
OSVadded 2022/05/25 4:45 p.m.2 views

DRUPAL-CONTRIB-2022-042

The Drupal Embed module provides a filter to allow embedding various embeddable items like entities in content fields. In certain circumstances, the filter could allow an unprivileged user to inject HTML into a page when it is accessed by a trusted user with permission to embed items. In some...

6.4AI score
Exploits0References1
OSV
OSVadded 2021/09/15 3:28 p.m.3 views

DRUPAL-CONTRIB-2021-028

This advisory addresses a similar issue to Drupal core - Moderately critical - Cross Site Request Forgery - SA-CORE-2021-006. The Entity Embed module provides a filter to allow embedding entities in content fields. In certain circumstances, the filter could allow an unprivileged user to inject HT...

6.1CVSS6.1AI score0.00148EPSS
Exploits0References1
Rows per page
Query Builder