CNNVD-202507-2681 Information

CNNVD ID

CNNVD-202507-2681

Related CVE

CVE-2025-7715

• CNNVD Published: 2025-07-21

Description (Chinese)

Drupal Block Attributes是Drupal社区的一个配置界面插件。 Drupal Block Attributes 1.1.0之前版本和2.0.1之前版本存在安全漏洞，该漏洞源于网页生成期间输入中和不当，可能导致跨站脚本攻击。

Description (English)

Drupal Block Attributes is a configuration interface for the Drupal community. There was a security loophole in previous versions of Drupal Block Attributes 1.1.0 and before 2.0.1, which stemmed from the misinformation of input during the web page generation, which could lead to a cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Drupal

Published

2025-07-21

Last Modified

2026-02-24

References

https://www.drupal.org/sa-contrib-2025-090 https://nvd.nist.gov/vuln/detail/CVE-2025-7715 https://vigilance.fr/vulnerability/Drupal-Block-Attributes-Cross-Site-Scripting-dated-17-07-2025-47731

Patch

https://www.drupal.org/sa-contrib-2025-090