CNNVD-202506-1782 Information
Jun 13, 2025
cve
CNNVD ID
CNNVD-202506-1782
Related CVE
- CNNVD Published: 2025-06-13
Description (Chinese)
Drupal Simple Klaro是Drupal社区的一款给Consent Management Software Klaro的扩展软件。 Drupal Simple Klaro 1.10.0之前版本存在安全漏洞,该漏洞源于输入中和不当,可能导致跨站脚本攻击。
Description (English)
Drupal Simple Klaro is an extension of the Drupal community to the Community Software Klaro. There was a security loophole in the pre-Drupal Simple Klaro 1.10.0 version, which had its origin in inaccuracy and could have led to a cross-site script attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Drupal
Published
2025-06-13
Last Modified
2026-02-24
References
https://www.drupal.org/sa-contrib-2025-073 https://vigilance.fr/vulnerability/Drupal-Simple-Klaro-Cross-Site-Scripting-via-Data-Attributes-47295
Patch
https://www.drupal.org/project/simple_klaro/releases/
Share on: