Vulnerability in Megamenu Framework Affects Drupal by Drupal Community
CVE-2024-13299

Currently unrated

Key Information:

Vendor: Drupal
Vendor: CVE Published:; 9 January 2025

Summary

A security flaw in the Megamenu Framework for Drupal enables potential attackers to execute arbitrary JavaScript code in the context of the user's browser. This vulnerability could lead to unauthorized actions on behalf of the user or the theft of sensitive information. It is essential for site administrators using the Megamenu Framework to review their installations and apply necessary updates as soon as they become available.

References

https://www.drupal.org/sa-contrib-2024-065

Timeline

Vulnerability published
Jan 9, 2025