Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Drupal Core allows Cross-Site Scripting (XSS).This issue affects Drupal Core: from 7.0 before 7.102.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2010-2390 Vulnerability (CVE-2010-2390)
WordPress Plugin We�re Open! Cross-Site Scripting (1.41)
WordPress Plugin iThemes Security (formerly Better WP Security) Cross-Site Scripting (4.6.12)
Liferay DXP Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-62252)
WordPress Plugin Monsters Editor for WP Super Edit Arbitrary File Upload (1.1)