Filter
AND
-Infinity
0
Trending
Versions
7.0
56
6.0
53
7.0-alpha1
39
7.0-alpha2
39
7.0-alpha3
39
7.0-alpha4
39
7.0-alpha5
39
7.0-alpha6
39
7.0-alpha7
39
7.0-dev
39
7.1
39
7.10
39
7.2
39
7.3
38
7.4
38
5.0
36
7.0-beta1
36
7.0-beta2
36
7.0-beta3
36
7.0-rc1
36
7.0-rc2
36
7.0-rc3
36
7.0-rc4
36
7.5
36
7.6
36
7.7
36
7.8
36
7.9
36
6.1
35
6.2
35
6.3
34
7.11
34
7.12
34
6.4
30
7.14
30
7.13
29
6.0-beta1
28
6.0-beta2
28
6.0-beta3
28
6.0-beta4
28
6.5
28
6.6
28
6.10
27
6.7
26
6.8
26
6.9
26
7.15
26
6.11
25
6.12
25
7.16
25
Oracle REST Data ServicesJQuery Cross-Site Scripting (XSS) Vulnerability
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
composer/drupal/coreDrupal core - Critical - Cross site scripting - SA-CORE-2025-001
6.1
EPSS
0.03%
First published (updated )
Oracle Banking Digital ExperiencePotential XSS vulnerability in jQuery
6.9
First published (updated )
composer/drupal/coreDrupal core - Moderately critical - Access Bypass - SA-CORE-2022-013
6.5
First published (updated )
composer/drupal/coreDrupal 9.3 implemented a generic entity access API for entity revisions. However, this API was not c…
5.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
composer/drupal/coreDrupal core - Moderately critical - Access bypass - SA-CORE-2023-005
6.5
First published (updated )
DrupalResponsive and off-canvas menu - Moderately critical - Access bypass - SA-CONTRIB-2024-030
5.3
First published (updated )
DrupalPOST File - Critical - Cross Site Scripting, Arbitrary PHP code execution - SA-CONTRIB-2024-060
5.4
First published (updated )
DrupalFacets - Critical - Cross Site Scripting - SA-CONTRIB-2024-047
6.1
First published (updated )
DrupalDrupal core - Critical - Cross Site Scripting - SA-CORE-2024-005
6.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Oracle Financial Services Analytical Applications InfrastructureCross-site Scripting in CKEditor4
5.4
First published (updated )
composer/drupal/coreDrupal core - Moderately critical - Cross Site Scripting - SA-CORE-2019-004
5.4
First published (updated )
composer/drupal/corecore/authorize.php in Drupal 11.x-dev allows Full Path Disclosure (even when error logging is None) …
5.3
First published (updated )
Acquia CommonsThe commons_discussion_views_default_views function in modules/features/commons_discussion/commons_d…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Michelle Cox Advanced ForumAdvanced Forum 6.x before 6.x-1.1, a module for Drupal, does not prevent users from modifying user s…
6.5
First published (updated )
LogintobogganUnspecified vulnerability in LoginToboggan 6.x-1.x before 6.x-1.5, a module for Drupal, when "Allow …
6.8
First published (updated )
Chris Desautels Node Parameter ControlThe Node Parameter Control module 6.x-1.x for Drupal does not properly restrict access to the config…
6.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Speedtech StormThe Storm module 6.x before 6.x-1.25 for Drupal does not enforce privilege requirements for storminv…
First published (updated )
David Alkire Email2imageThe email2image module 6.x-1.x and 6.x-2.x for Drupal does not properly restrict access to nodes, wh…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.