Drupal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2020-13688 - Vulnerability Database

Drupal

Drupal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2020-13688

Medium

Reference: CVE-2020-13688

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-13688

Title: Drupal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Overview:

Cross-site scripting vulnerability in l Drupal Core allows an attacker could leverage the way that HTML is rendered for affected forms in order to exploit the vulnerability. This issue affects: Drupal Core 8.8.X versions prior to 8.8.10 8.9.X versions prior to 8.9.6 9.0.X versions prior to 9.0.6.