Cross-Site Scripting Flaw in Drupal Owl Carousel 2
CVE-2025-9554

Currently unrated

Key Information:

Vendor

Drupal
Status
Owl Carousel 2
Vendor
CVE Published:
10 October 2025

What is CVE-2025-9554?

The Owl Carousel 2 component in Drupal is vulnerable to a cross-site scripting (XSS) issue. An attacker could exploit this vulnerability to inject malicious scripts into web pages, compromising user data and security. This flaw requires immediate attention to prevent potential attacks.

Affected Version(s)

Owl Carousel 2 *.*

References

https://www.drupal.org/sa-contrib-2025-104

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-9554 : Cross-Site Scripting Flaw in Drupal Owl Carousel 2