CVE-2024-13294

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal POST File allows Cross-Site Scripting XSS.This issue affects POST File: from 0.0.0 before 1.0.2...

CVE-2024-13294

CVE-2024-13294 concerns the Drupal POST File module, where improper neutralization of input during web page generation enables Cross-Site Scripting (XSS). Affected versions are 0.0.0 through 1.0.2. The root cause is input handling in the POST File endpoint; exploitation could permit user-controll...