CVE-2025-11570

Versions of the package drupal-pattern-lab/unified-twig-extensions from 0.0.0 are vulnerable to Cross-site Scripting XSS due to insufficient filtering of data. Note: This is exploitable only if the code is executed outside of Drupal; the function is intended to be shared between Drupal and Patter...

EUVD-2025-33657

drupal-pattern-lab/unified-twig-extensions is vulnerable to XXS...

drupal-pattern-lab/unified-twig-extensions is vulnerable to XXS

Versions of the package drupal-pattern-lab/unified-twig-extensions from 0.0.0 are vulnerable to Cross-site Scripting XSS due to insufficient filtering of data. Note: This is exploitable only if the code is executed outside of Drupal; the function is intended to be shared between Drupal and Patter...

GHSA-64MV-9655-37HX drupal-pattern-lab/unified-twig-extensions is vulnerable to XXS

Versions of the package drupal-pattern-lab/unified-twig-extensions from 0.0.0 are vulnerable to Cross-site Scripting XSS due to insufficient filtering of data. Note: This is exploitable only if the code is executed outside of Drupal; the function is intended to be shared between Drupal and Patter...

CVE-2025-11570

Versions of the package drupal-pattern-lab/unified-twig-extensions from 0.0.0 are vulnerable to Cross-site Scripting XSS due to insufficient filtering of data. Note: This is exploitable only if the code is executed outside of Drupal; the function is intended to be shared between Drupal and Patter...

CVE-2025-11570

Versions of the package drupal-pattern-lab/unified-twig-extensions from 0.0.0 are vulnerable to Cross-site Scripting XSS due to insufficient filtering of data. Note: This is exploitable only if the code is executed outside of Drupal; the function is intended to be shared between Drupal and Patter...

CVE-2025-11570

Versions of the package drupal-pattern-lab/unified-twig-extensions from 0.0.0 are vulnerable to Cross-site Scripting XSS due to insufficient filtering of data. Note: This is exploitable only if the code is executed outside of Drupal; the function is intended to be shared between Drupal and Patter...

CVE-2025-11570

Versions of the package drupal-pattern-lab/unified-twig-extensions from 0.0.0 are vulnerable to Cross-site Scripting XSS due to insufficient filtering of data. Note: This is exploitable only if the code is executed outside of Drupal; the function is intended to be shared between Drupal and Patter...

CVE-2025-11570

CVE-2025-11570 affects the package drupal-pattern-lab/unified-twig-extensions (versions around 0.0.0; unmaintained) with a Cross-site Scripting (XSS) vulnerability caused by insufficient data filtering. Multiple sources (NVD, Red Hat CVE page, GitHub advisory, OSV, EUVD, CNNVD, SNYK) converge on ...

PT-2025-41502

Name of the Vulnerable Software and Affected Versions drupal-pattern-lab/unified-twig-extensions versions 0.0.0 through 1.1.0 Description The package contains a Cross-site Scripting XSS issue because of inadequate data filtering. This is only exploitable when the code runs outside of Drupal, as t...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS due to insufficient filtering of data. Note: This is exploitable only if the code is executed outside of Drupal; the function is intended to be shared between Drupal and Pattern Lab. The package...