CNNVD-202601-4684 Information

CNNVD ID

CNNVD-202601-4684

Related CVE

CVE-2025-13979

• CNNVD Published: 2026-01-28

Description (Chinese)

Drupal Mini site是Drupal社区的一个插件。 Drupal Mini site 3.0.2之前版本存在安全漏洞，该漏洞源于权限定义包含不安全操作，可能导致存储型跨站脚本攻击。

Description (English)

Drupal Minisite is a plugin for the Drupal community. There was a security loophole in the previous version of Drupal Mini site 3.0.2, which stemmed from the fact that the definition of authority contained unsafe operations that could lead to a storage-type cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Drupal

Published

2026-01-28

Last Modified

2026-02-24

References

https://www.drupal.org/sa-contrib-2025-117

Patch

https://www.drupal.org/sa-contrib-2025-117