EUVD-2025-14932

Malicious code in bioql PyPI...

CVE-2025-47702

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal oEmbed Providers allows Cross-Site Scripting XSS.This issue affects oEmbed Providers: from 0.0.0 before 2.2.2...

CVE-2025-47702

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal oEmbed Providers allows Cross-Site Scripting XSS.This issue affects oEmbed Providers: from 0.0.0 before 2.2.2...

CVE-2025-47702

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal oEmbed Providers allows Cross-Site Scripting XSS.This issue affects oEmbed Providers: from 0.0.0 before 2.2.2...

CVE-2025-47702 oEmbed Providers - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-048

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal oEmbed Providers allows Cross-Site Scripting XSS.This issue affects oEmbed Providers: from 0.0.0 before 2.2.2...

CVE-2025-47702 oEmbed Providers - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-048

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal oEmbed Providers allows Cross-Site Scripting XSS.This issue affects oEmbed Providers: from 0.0.0 before 2.2.2...

CVE-2025-47702

Drupal oEmbed Providers module is affected by an XSS vulnerability from improper input neutralization during web page generation. Affected versions are 0.0.0 through 2.2.1; update to 2.2.2 or later to resolve. Several sources describe this as unauthenticated XSS impacting Drupal oEmbed Providers.

Drupal oEmbed Providers 跨站脚本漏洞

Drupal oEmbed Providers is a module plugin in the Drupal content management system from the Drupal community. A cross-site scripting vulnerability exists in Drupal oEmbed Providers versions prior to 2.2.2 that stems from improper input neutralization and could lead to a cross-site scripting attac...

PT-2025-21190 · Unknown · Oembed Providers

Name of the Vulnerable Software and Affected Versions: oEmbed Providers versions 0.0.0 through 2.2.1 Description: The issue affects oEmbed Providers, allowing Cross-Site Scripting XSS due to improper neutralization of input during web page generation. Recommendations: For versions 0.0.0 through...

DRUPAL-CONTRIB-2025-048

This module extends the core Media module and allows site creators to permit oEmbed providers in addition to YouTube and Vimeo, which are deemed trustworthy by the Drupal Security Team. The module doesn't sufficiently mark its administrative permission as restricted, creating the possibility for...