Security
Headlines

Headlines Latest CVEs

Headline

GHSA-m3f2-xjgc-2wp2: Drupal JSON Field is vulnerable to XSS

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Drupal JSON Field allows Cross-Site Scripting (XSS). This issue affects JSON Field: from 0.0.0 before 1.5.

1 month ago

#xss #vulnerability #web #js #git #intel

Skip to content

Navigation Menu

- AI CODE CREATION
  - GitHub CopilotWrite better code with AI
  - GitHub SparkBuild and deploy intelligent apps
  - GitHub ModelsManage and compare prompts
  - MCP RegistryNewDiscover and integrate external tools

View all features

Pricing

Provide feedback

Saved searches****Use saved searches to filter your results more quickly

Sign up

Appearance settings

GitHub Advisory Database
GitHub Reviewed
CVE-2025-10926

Drupal JSON Field is vulnerable to XSS

Moderate severity GitHub Reviewed Published Oct 30, 2025 to the GitHub Advisory Database • Updated Oct 30, 2025

Package

composer drupal/json_field (Composer)

Description

Published to the GitHub Advisory Database

Oct 30, 2025

Last updated

Oct 30, 2025

EPSS score

ghsa: Latest News

GHSA-6gvq-jcmp-8959: ALTCHA Proof-of-Work Vulnerable to Challenge Splicing and Replay

2 hours ago

GHSA-r7v6-mfhq-g3m2: Fickling has Code Injection vulnerability via pty.spawn()

3 hours ago

GHSA-565g-hwwr-4pp3: Fickling has missing detection for marshal.loads and types.FunctionType in unsafe modules list

3 hours ago

GHSA-84h7-rjj3-6jx4: Netty has a CRLF Injection vulnerability in io.netty.handler.codec.http.HttpRequestEncoder

3 hours ago

GHSA-3pmh-24wp-xpf4: Weblate has Systematic User and Project Enumeration via Broken Authorization in REST API (IDOR)

4 hours ago