VYPR
Unrated severityNVD Advisory· Published Apr 23, 2025· Updated Apr 23, 2025

Bootstrap Site Alert - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-042

CVE-2025-3901

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Bootstrap Site Alert allows Cross-Site Scripting (XSS).This issue affects Bootstrap Site Alert: from 0.0.0 before 1.13.0, from 3.0.0 before 3.0.4.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Drupal/Bootstrap Site Alertllm-create2 versions
    from 0.0.0 before 1.13.0, from 3.0.0 before 3.0.4+ 1 more
    • (no CPE)range: from 0.0.0 before 1.13.0, from 3.0.0 before 3.0.4
    • (no CPE)range: 0.0.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.