CVE Details
Basic Information
| Title | Paragraphs table – Moderately critical – Cross Site Scripting – SA-CONTRIB-2025-084 |
|---|---|
| Type | cve |
| Published | 2025-06-26T13:34:08.284Z |
| Last Seen |
Product Information
| Vendor | Drupal |
|---|---|
| Product | Paragraphs table |
| Version | 2.0.0 |
CVSS Information
| Base Score | 0.0 () |
|---|---|
| Attack Vector | |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A Cross-Site Scripting (XSS) vulnerability in the Drupal Paragraphs table module allows attackers to inject malicious scripts. This affects versions 2.0.0 to 2.0.4. The issue stems from improper input neutralization during web page generation. |
|---|---|
| AI Severity | Medium |
| Vendor | Drupal Community |
| Product | Paragraphs table |
| Affected Version | 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4 |
Affected Products
- Drupal Paragraphs table 2.0.0
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-79 |
| Bulletin Family |
References
Description
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Drupal Paragraphs table allows Cross-Site Scripting (XSS). This issue affects Paragraphs table: from 2.0.0 before 2.0.5.