CVE-2025-13981

Medium CVSS: 4.4

Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal AI (Artificial Intelligence) allows Cross-Site Scripting (XSS).This issue affects AI (Artificial Intelligence): from 0.0.0 before 1.0.7, from 1.1.0 before 1.1.7, from 1.2.0 before 1.2.4.

Vendor

Artificial Intelligence Project

Product

Artificial Intelligence

CWE

CWE-79

Yayın Tarihi

2026-01-28 20:16:07

Güncelleme

2026-02-19 21:19:24

Source Identifier

mlhess@drupal.org

KEV Date Added

Kategoriler

CWE-79 Artificial Intelligence MEDIUM Artificial Intelligence Project 2026

Referanslar

https://www.drupal.org/sa-contrib-2025-119

Benzer Kayıtlar

High

CVE-2026-3573

Incorrect Authorization vulnerability in Drupal AI (Artificial Intelligence) allows Resource Injection.This issue affect…

High

CVE-2025-31677

Cross-Site Request Forgery (CSRF) vulnerability in Drupal AI (Artificial Intelligence) allows Cross Site Request Forgery…

High

CVE-2025-31678

Missing Authorization vulnerability in Drupal AI (Artificial Intelligence) allows Forceful Browsing.This issue affects A…