CNNVD-202506-3301 Information

CNNVD ID

CNNVD-202506-3301

Related CVE

CVE-2025-48923

• CNNVD Published: 2025-06-26

Description (Chinese)

Drupal Toc.js是Drupal社区的一个目录生成插件。 Drupal Toc.Js 3.2.1之前版本存在安全漏洞，该漏洞源于输入中和不当，可能导致跨站脚本攻击。

Description (English)

Drupal Toc.js is a catalogue-generated plugin for the Drupal community. There was a security loophole in the pre-Drupal Toc.Js 3.2.1 version, which originated in inappropriate input and could lead to a cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Drupal

Published

2025-06-26

Last Modified

2026-02-24

References

https://www.drupal.org/sa-contrib-2025-077

Patch

https://www.drupal.org/sa-contrib-2025-077