CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-48915 – COOKiES Consent Management - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-076
https://notcve.org/view.php?id=CVE-2025-48915
13 Jun 2025 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal COOKiES Consent Management allows Cross-Site Scripting (XSS).This issue affects COOKiES Consent Management: from 0.0.0 before 1.2.15. • https://www.drupal.org/sa-contrib-2025-076 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-48914 – COOKiES Consent Management - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-075
https://notcve.org/view.php?id=CVE-2025-48914
13 Jun 2025 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal COOKiES Consent Management allows Cross-Site Scripting (XSS).This issue affects COOKiES Consent Management: from 0.0.0 before 1.2.15. • https://www.drupal.org/sa-contrib-2025-075 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-48920 – etracker - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-074
https://notcve.org/view.php?id=CVE-2025-48920
13 Jun 2025 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal etracker allows Cross-Site Scripting (XSS).This issue affects etracker: from 0.0.0 before 3.1.0. • https://www.drupal.org/sa-contrib-2025-074 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-48919 – Simple Klaro - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-073
https://notcve.org/view.php?id=CVE-2025-48919
13 Jun 2025 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Simple Klaro allows Cross-Site Scripting (XSS).This issue affects Simple Klaro: from 0.0.0 before 1.10.0. • https://www.drupal.org/sa-contrib-2025-073 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-48917 – EU Cookie Compliance (GDPR Compliance) - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-072
https://notcve.org/view.php?id=CVE-2025-48917
13 Jun 2025 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal EU Cookie Compliance (GDPR Compliance) allows Cross-Site Scripting (XSS).This issue affects EU Cookie Compliance (GDPR Compliance): from 0.0.0 before 1.26.0. • https://www.drupal.org/sa-contrib-2025-072 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-48918 – Simple Klaro - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-071
https://notcve.org/view.php?id=CVE-2025-48918
13 Jun 2025 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Simple Klaro allows Cross-Site Scripting (XSS).This issue affects Simple Klaro: from 0.0.0 before 1.10.0. • https://www.drupal.org/sa-contrib-2025-071 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-48916 – Bookable Calendar - Less critical - Access bypass - SA-CONTRIB-2025-070
https://notcve.org/view.php?id=CVE-2025-48916
13 Jun 2025 — Missing Authorization vulnerability in Drupal Bookable Calendar allows Forceful Browsing.This issue affects Bookable Calendar: from 0.0.0 before 2.2.13. • https://www.drupal.org/sa-contrib-2025-070 • CWE-862: Missing Authorization •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-48447 – Lightgallery - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-069
https://notcve.org/view.php?id=CVE-2025-48447
11 Jun 2025 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Lightgallery allows Cross-Site Scripting (XSS).This issue affects Lightgallery: from 0.0.0 before 1.6.0. • https://www.drupal.org/sa-contrib-2025-069 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-48448 – Admin Audit Trail - Less critical - Denial of Service - SA-CONTRIB-2025-068
https://notcve.org/view.php?id=CVE-2025-48448
11 Jun 2025 — Allocation of Resources Without Limits or Throttling vulnerability in Drupal Admin Audit Trail allows Excessive Allocation.This issue affects Admin Audit Trail: from 0.0.0 before 1.0.5. • https://www.drupal.org/sa-contrib-2025-068 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-48446 – Commerce Alphabank Redirect - Moderately critical - Access bypass - SA-CONTRIB-2025-067
https://notcve.org/view.php?id=CVE-2025-48446
11 Jun 2025 — Incorrect Authorization vulnerability in Drupal Commerce Alphabank Redirect allows Functionality Misuse.This issue affects Commerce Alphabank Redirect: from 0.0.0 before 1.0.3. • https://www.drupal.org/sa-contrib-2025-067 • CWE-863: Incorrect Authorization •