CNNVD-202506-1610 Information

CNNVD ID

CNNVD-202506-1610

Related CVE

CVE-2025-48447

• CNNVD Published: 2025-06-11

Description (Chinese)

Drupal Lightgallery是Drupal社区的一个插件。 Drupal Lightgallery 1.6.0之前版本存在跨站脚本漏洞，该漏洞源于输入中和不当，可能导致跨站脚本攻击。

Description (English)

Drupal Lightgalery is a plugin for the Drupal community. The pre-Drupal Lightgalery 1.6.0 version had a cross-site script loophole, which originated in inappropriate input and could lead to cross-site script attacks.

Hazard Level

Medium

Vulnerability Type

跨站脚本

Affected Vendor

Drupal

Published

2025-06-11

Last Modified

2026-02-24

References

https://www.drupal.org/sa-contrib-2025-069 https://vigilance.fr/vulnerability/Drupal-Lightgallery-Cross-Site-Scripting-via-Alt-Attribute-47242 https://nvd.nist.gov/vuln/detail/CVE-2025-48447

Patch

https://www.drupal.org/sa-contrib-2025-069