CNNVD-202507-2682 Information

CNNVD ID

CNNVD-202507-2682

Related CVE

CVE-2025-7716

• CNNVD Published: 2025-07-21

Description (Chinese)

Drupal Real-time SEO for Drupal是Drupal社区的一个关键字插件。 Drupal Real-time SEO for Drupal 2.2.0之前版本存在跨站脚本漏洞，该漏洞源于网页生成期间输入中和不当，可能导致跨站脚本攻击。

Description (English)

Drupal Real-time SEO for Drupal is a key word plugin for the Drupal community. The pre-Drupal Real-time SEO for Drupal 2.2.0 has a cross-site script loophole, which stems from the inaccuracy of input during the web page generation, which may lead to cross-site script attacks.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

Drupal

Published

2025-07-21

Last Modified

2026-02-24

References

https://www.drupal.org/sa-contrib-2025-091 https://nvd.nist.gov/vuln/detail/CVE-2025-7716 https://vigilance.fr/vulnerability/Drupal-Real-time-SEO-for-Drupal-Cross-Site-Scripting-dated-17-07-2025-47732

Patch

https://www.drupal.org/sa-contrib-2025-091