12 matches found
EUVD-2025-19190
Malicious code in bioql PyPI...
CVE-2025-48922
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal GLightbox allows Cross-Site Scripting XSS.This issue affects GLightbox: from 0.0.0 before 1.0.16...
CVE-2025-48922
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal GLightbox allows Cross-Site Scripting XSS.This issue affects GLightbox: from 0.0.0 before 1.0.16...
CVE-2025-48922
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal GLightbox allows Cross-Site Scripting XSS.This issue affects GLightbox: from 0.0.0 before 1.0.16...
CVE-2025-48922
GLightbox for Drupal is affected by an XSS vulnerability due to improper input neutralization during web page generation. Affected versions are 0.0.0 through 1.0.15; the issue is resolved in version 1.0.16 and later. Practical impact is cross-site scripting when rendering content that uses GLight...
CVE-2025-48922 GLightbox - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-078
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal GLightbox allows Cross-Site Scripting XSS.This issue affects GLightbox: from 0.0.0 before 1.0.16...
CVE-2025-48922 GLightbox - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-078
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal GLightbox allows Cross-Site Scripting XSS.This issue affects GLightbox: from 0.0.0 before 1.0.16...
Drupal GLightbox 安全漏洞
Drupal GLightbox is a JavaScript image and video displayer for the Drupal community. A security vulnerability exists in Drupal GLightbox versions prior to 1.0.16 that stems from improper input neutralization and could lead to a cross-site scripting attack...
PT-2025-26960 · Drupal · Glightbox
Name of the Vulnerable Software and Affected Versions: GLightbox versions 0.0.0 through 1.0.15 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS, in Drupal GLightbox. This allows for Cross-Site Scripting XSS...
DRUPAL-CONTRIB-2025-078
GLightbox module is a pure Javascript lightbox for CKEditor. The module doesn't sufficiently filter user-supplied text for the GLightbox Javascript library leading to a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker must have a role with the...
Drupal GLightbox module < 1.0.16 - Unauthenticated Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS vulnerability discovered by Pierre Rudloff prudloff in WordPress Module GLightbox versions 1.0.16...
GLightbox - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-078
GLightbox module is a pure Javascript lightbox for CKEditor. The module doesn't sufficiently filter user-supplied text for the GLightbox Javascript library leading to a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker must have a role with the...