CNNVD-202511-2925 Information

CNNVD ID

CNNVD-202511-2925

Related CVE

CVE-2025-12848

• CNNVD Published: 2025-11-26

Description (Chinese)

Drupal是Drupal社区的一套使用PHP语言开发的开源内容管理系统。 Drupal存在安全漏洞，该漏洞源于文件名渲染器中存在跨站脚本漏洞，可能导致执行任意脚本。

Description (English)

Drupal is an open-source content management system developed in the PHP language in the Drupal community. There is a security loophole in Drupal, which stems from the existence of a cross-site script gap in the document renderer, which may lead to the execution of any script.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Drupal

Published

2025-11-26

Last Modified

2026-02-24

References

https://www.drupal.org/node/3105204

Patch

https://new.drupal.org/home