CNNVD-202601-4689 Information

CNNVD ID

CNNVD-202601-4689

Related CVE

CVE-2026-0749

• CNNVD Published: 2026-01-28

Description (Chinese)

Drupal Form Builder是Drupal社区的一个表单生成器插件。 Drupal Form Builder 7.X-1.0版本至7.X-1.22版本存在安全漏洞，该漏洞源于网页生成期间输入中和不当，可能导致跨站脚本攻击。

Description (English)

Drupal Form Builder is a form generator plugin for the Drupal community. Drupal Form Builder 7.X-1.0 to 7.X-1.22 has a security loophole, which stems from inappropriate input during web page generation and may lead to cross-site script attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Drupal

Published

2026-01-28

Last Modified

2026-02-24

References

https://d7es.tag1.com/security-advisories/form-builder-less-critical-cross-site-scripting https://www.herodevs.com/vulnerability-directory/cve-2026-0749

Patch

https://gitlab.com/tag1consulting/public/form_builder/-/releases