Packagist (Composer) package
drupal/civictheme
pkg:composer/drupal/civictheme
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-12083 | — | < 1.12.0 | 1.12.0 | Oct 29, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal CivicTheme Design System allows Cross-Site Scripting (XSS).This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0. | ||
| CVE-2025-12082 | — | < 1.12.0 | 1.12.0 | Oct 29, 2025 | Incorrect Authorization vulnerability in Drupal CivicTheme Design System allows Forceful Browsing.This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0. |
- CVE-2025-12083Oct 29, 2025affected < 1.12.0fixed 1.12.0
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal CivicTheme Design System allows Cross-Site Scripting (XSS).This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0.
- CVE-2025-12082Oct 29, 2025affected < 1.12.0fixed 1.12.0
Incorrect Authorization vulnerability in Drupal CivicTheme Design System allows Forceful Browsing.This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0.