Description
Cross-site Scripting (XSS) vulnerability in Drupal core's sanitization API fails to properly filter cross-site scripting under certain circumstances. This issue affects: Drupal Core 9.1.x versions prior to 9.1.7; 9.0.x versions prior to 9.0.12; 8.9.x versions prior to 8.9.14; 7.x versions prior to 7.80.
Remediation
References
Related Vulnerabilities
Django Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2022-23833)
WordPress Plugin WP-HR Manager:The Human Resources Unspecified Vulnerability (2.9.4)
WordPress Plugin Subscribe to Comments Local File Inclusion (2.1.2)
Oracle Application Server CVE-2008-7233 Vulnerability (CVE-2008-7233)
qdPM Multiple Cross-site Scripting (XSS) Vulnerabilities (CVE-2015-3883)