Unrated severityNVD Advisory· Published Dec 9, 2024· Updated Dec 10, 2024
Drupal core - Critical - Cross Site Scripting - SA-CORE-2024-005
CVE-2024-55635
Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Drupal Core allows Cross-Site Scripting (XSS).This issue affects Drupal Core: from 7.0 before 7.102.
Affected products
3- Range: >=7.0 <7.102
- Drupal/Drupal Corev5Range: 7.0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
1- Drupal core - Critical - Cross Site Scripting - SA-CORE-2024-005Drupal Security Advisories · Nov 20, 2024