Web application abuses : Drupal XSS Vulnerability (SA-CORE-2025-004)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.154219

Kategorie: Web application abuses

Titel: Drupal XSS Vulnerability (SA-CORE-2025-004) - Linux

Zusammenfassung: Drupal is prone to a cross-site scripting (XSS); vulnerability.

Beschreibung: Summary:
Drupal is prone to a cross-site scripting (XSS)
vulnerability.

Vulnerability Insight:
Drupal core Link field attributes are not sufficiently
sanitized, which can lead to a cross-site scripting vulnerability (XSS).

Affected Software/OS:
Drupal version 8.x through 11.1.x.

Solution:
Update to version 10.3.14, 10.4.5, 11.0.13, 11.1.5 or
later.

CVSS Score:
5.5

CVSS Vector:
AV:N/AC:L/Au:S/C:P/I:P/A:N

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2025-31675

Copyright Copyright (C) 2025 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.154219
Kategorie:	Web application abuses
Titel:	Drupal XSS Vulnerability (SA-CORE-2025-004) - Linux
Zusammenfassung:	Drupal is prone to a cross-site scripting (XSS); vulnerability.
Beschreibung:	Summary: Drupal is prone to a cross-site scripting (XSS) vulnerability. Vulnerability Insight: Drupal core Link field attributes are not sufficiently sanitized, which can lead to a cross-site scripting vulnerability (XSS). Affected Software/OS: Drupal version 8.x through 11.1.x. Solution: Update to version 10.3.14, 10.4.5, 11.0.13, 11.1.5 or later. CVSS Score: 5.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2025-31675
Copyright	Copyright (C) 2025 Greenbone AG