Unrated severityNVD Advisory· Published Dec 9, 2024· Updated Dec 10, 2024
Drupal core - Critical - Cross Site Scripting - SA-CORE-2024-005
CVE-2024-55635
Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Drupal Core allows Cross-Site Scripting (XSS).This issue affects Drupal Core: from 7.0 before 7.102.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3>=7.0 <7.102+ 1 more
- (no CPE)range: >=7.0 <7.102
- (no CPE)range: 7.0
Patches
Vulnerability mechanics
References
1News mentions
1- Drupal core - Critical - Cross Site Scripting - SA-CORE-2024-005Drupal Security Advisories · Nov 20, 2024