Cross-Site Scripting Vulnerability in Anti-Spam by CleanTalk for Drupal
CVE-2026-10770
Currently unrated
What is CVE-2026-10770?
A vulnerability in the Anti-Spam by CleanTalk plugin for Drupal enables attackers to execute script injections through improper input handling during web page generation. This reflected cross-site scripting (XSS) flaw impacts versions ranging from 0.0.0 to 9.7.1, potentially allowing unauthorized users to manipulate web content and steal sensitive information. Users are advised to upgrade to the latest version to mitigate security risks.
Affected Version(s)
Anti-Spam by CleanTalk 0.0.0 < 9.7.1
