Drupal core - Critical - Cross-site scripting - SA-CORE-2021-002
|
System information
|
|
|
Affected software |
Drupal |
Description
|
Project: Drupal coreDate: 2021-April-21Security risk: Critical 15∕25 AC:Basic/A:None/CI:Some/II:Some/E:Theoretical/TD:DefaultVulnerability: Cross-site scriptingCVE IDs: CVE-2020-13672Description: Drupal cores sanitization API fails to properly filter cross-site scripting under certain circumstances.Not all sites and users are affected, but configuration changes to prevent the exploit might be impractical and will vary between sites. Therefore, we recommend all sites update to this
More info:
https://www.drupal.org/sa-core-2021-002 |
Standar resources
|
Property |
Value |
CVE |
CVE-2020-13672. |