CVE-2025-31687

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal SpamSpan filter allows Cross-Site Scripting XSS.This issue affects SpamSpan filter: from 0.0.0 before 3.2.1...

Drupal SpamSpan Cross-Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal SpamSpan filter allows Cross-Site Scripting XSS. This issue affects SpamSpan filter: from 0.0.0 before 3.2.1...

GHSA-8R2Q-865V-WM8J Drupal SpamSpan Cross-Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal SpamSpan filter allows Cross-Site Scripting XSS. This issue affects SpamSpan filter: from 0.0.0 before 3.2.1...

CVE-2025-31687

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal SpamSpan filter allows Cross-Site Scripting XSS.This issue affects SpamSpan filter: from 0.0.0 before 3.2.1...

CVE-2025-31687

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal SpamSpan filter allows Cross-Site Scripting XSS.This issue affects SpamSpan filter: from 0.0.0 before 3.2.1...

CVE-2025-31687 SpamSpan filter - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-016

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal SpamSpan filter allows Cross-Site Scripting XSS.This issue affects SpamSpan filter: from 0.0.0 before 3.2.1...

CVE-2025-31687

CVE-2025-31687 records an XSS vulnerability in the Drupal SpamSpan filter. Public sources indicate the issue affects SpamSpan filter versions 0.0.0 through 3.2.0 and stems from improper input neutralization during web page generation, enabling cross-site scripting. The vulnerability is fixed in v...

CVE-2025-31687 SpamSpan filter - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-016

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal SpamSpan filter allows Cross-Site Scripting XSS.This issue affects SpamSpan filter: from 0.0.0 before 3.2.1...

PT-2025-13851 · Drupal · Drupal Spamspan Filter

Name of the Vulnerable Software and Affected Versions: Drupal SpamSpan filter versions 0.0.0 through 3.2.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS, in the Drupal SpamSpan filter. This allows for...

Drupal SpamSpan filter 跨站脚本漏洞

Drupal SpamSpan filter is a Drupal community module for spam prevention. A cross-site scripting vulnerability exists in Drupal SpamSpan filter versions prior to 3.2.1, which stems from improper input neutralization and could lead to cross-site scripting attacks...

Drupal SpamSpan filter module < 3.2.1 - Unauthenticated Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS vulnerability discovered by Pierre Rudloff prudloff in WordPress Module SpamSpan filter versions 3.2.1...

SpamSpan filter - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-016

This module enables your site to obfuscate Email addresses and prevent spambots to collect them. The module doesn't sanitize HTML data attributes when an email address link is transformed to separate span HTML elements and then transformed back by JavaScript leading to a Cross Site Scripting XSS...

DRUPAL-CONTRIB-2020-002

The SpamSpan module obfuscates email addresses to help prevent spambots from collecting them. This module contains a spamspan twig filter which doesn't sanitize the passed HTML string. This vulnerability is mitigated by the fact that sites must have custom twig template files that use the SpamSpa...

SpamSpan filter - Moderately critical - Cross site scripting - SA-CONTRIB-2020-002

The SpamSpan module obfuscates email addresses to help prevent spambots from collecting them. This module contains a spamspan twig filter which doesn't sanitize the passed HTML string. This vulnerability is mitigated by the fact that sites must have custom twig template files that use the SpamSpa...