CVE-2020-13672
EUVD-2022-079311.02.2022, 16:15
Cross-site Scripting (XSS) vulnerability in Drupal core's sanitization API fails to properly filter cross-site scripting under certain circumstances. This issue affects: Drupal Core 9.1.x versions prior to 9.1.7; 9.0.x versions prior to 9.0.12; 8.9.x versions prior to 8.9.14; 7.x versions prior to 7.80.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| drupal | drupal | 𝑥 < 7.80 |
| drupal | drupal | 8.9.0 ≤ 𝑥 < 8.9.14 |
| drupal | drupal | 9.0.0 ≤ 𝑥 < 9.0.12 |
| drupal | drupal | 9.1.0 ≤ 𝑥 < 9.1.7 |
𝑥
= Vulnerable software versions
Ubuntu Releases