CNNVD-202510-4285 Information

CNNVD ID

CNNVD-202510-4285

Related CVE

CVE-2025-10927

• CNNVD Published: 2025-10-30

Description (Chinese)

Drupal Plausible tracking是Drupal社区的一款数据分析插件。 Drupal Plausible tracking 1.0.2之前版本存在安全漏洞，该漏洞源于网页生成期间输入中和不当，可能导致跨站脚本攻击。

Description (English)

Drupal Plausible tracking is a data analysis plugin for the Drupal community. There is a security loophole in the pre-Drupal Plausible tracking version of 1.0.2, which stems from the inaccuracy of input during the web page generation and may lead to cross-site script attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Drupal

Published

2025-10-30

Last Modified

2026-02-24

References

https://www.drupal.org/sa-contrib-2025-107 https://vigilance.fr/vulnerability/Drupal-Plausible-tracking-Cross-Site-Scripting-dated-24-09-2025-48295

Patch

https://www.drupal.org/project/plausible_tracking/releases