CVE-2025-13984
Permissive Cross-domain Security Policy with Untrusted Domains vulnerability in Drupal Next.Js allows Cross-Site Scripting (XSS).This issue affects Next.Js: from 0.0.0 before 1.6.4, from 2.0.0 before 2.0.1.
Vendor
Product
CWE
Yayın Tarihi
2026-01-28 20:16:07
Güncelleme
2026-02-06 19:02:43
Source Identifier
mlhess@drupal.org
KEV Date Added
-