CNNVD-202511-2040 Information

CNNVD ID

CNNVD-202511-2040

Related CVE

CVE-2025-12761

• CNNVD Published: 2025-11-18

Description (Chinese)

Drupal Simple multi step form是Drupal社区的一个表单模块。 Drupal Simple multi step form 2.0.0之前版本存在安全漏洞，该漏洞源于网页生成期间输入中和不当，可能导致跨站脚本攻击。

Description (English)

Drupal Simple multi step form is a form module for the Drupal community. There was a security loophole in the previous version of Drupal Simple Multi Step form 2.0, which stemmed from the misinformation of input during the web page generation and could lead to a cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Drupal

Published

2025-11-18

Last Modified

2026-02-24

References

https://www.drupal.org/sa-contrib-2025-116 https://vigilance.fr/vulnerability/Drupal-Simple-multi-step-form-Cross-Site-Scripting-dated-06-11-2025-48676

Patch

https://www.drupal.org/project/simple_multistep/releases