CVE-2024-13273

Medium CVSS: 5.4

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Open Social allows Cross-Site Scripting (XSS).This issue affects Open Social: from 0.0.0 before 12.3.8, from 12.4.0 before 12.4.5, from 13.0.0 before 13.0.0-alpha11.

Vendor

Getopensocial

Product

Open Social

CWE

CWE-79

Yayın Tarihi

2025-01-09 20:15:36

Güncelleme

2025-08-28 13:03:20

Source Identifier

mlhess@drupal.org

KEV Date Added

Kategoriler

CWE-79 Open Social MEDIUM Getopensocial 2025

Referanslar

https://www.drupal.org/sa-contrib-2024-037

Benzer Kayıtlar

High

CVE-2025-48921

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Open Social allows Cross Site Request Forgery.This issue affec…

Critical

CVE-2025-31685

Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue affects Open Social: from…

High

CVE-2025-31686

Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue affects Open Social: from…

Medium

CVE-2024-13312

Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue affects Open Social: from…

Medium

CVE-2024-13274

Improper Control of Interaction Frequency vulnerability in Drupal Open Social allows Functionality Misuse.This issue aff…

High

CVE-2024-13240

Improper Access Control vulnerability in Drupal Open Social allows Collect Data from Common Resource Locations.This issu…