CVE 6.1 MEDIUM

Obfuscate – Moderately critical – Cross-site scripting – SA-CONTRIB-2026-033_CVE-2026-6871

May 20, 2026 invoker category_cve
6.1 / 10
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Description

Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal Obfuscate allows Cross-Site Scripting (XSS).

This issue affects Obfuscate: from 0.0.0 before 2.0.2.

Basic Information

ID CVE-2026-6871
Source drupal
Published May 19, 2026 at 22:28
Modified May 20, 2026 at 13:22

Affected Product

Vendor Drupal
Product Obfuscate
Version 0.0.0
Affected Versions Drupal Obfuscate 0.0.0

CWE Classification

CWE-79

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.