Description
Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal Drupal core allows Cross-Site Scripting (XSS). This issue affects Drupal core: from 8.0.0 before 10.5.9, from 10.6.0 before 10.6.7, from 11.0.0 before 11.2.11, from 11.3.0 before 11.3.7.
Remediation
References
Related Vulnerabilities
WordPress Plugin Advanced Post Type Ratings Cross-Site Scripting (1.01)
WordPress Plugin Kama Click Counter Cross-Site Scripting (3.4.9)
Internet Information Services Other Vulnerability (CVE-2002-0150)
Drupal Core 9.1.x Cross-Site Scripting (9.1.0 - 9.1.11)
WordPress Plugin WordPress File Upload Multiple Vulnerabilities (2.7.6)