Cross-Site Scripting Vulnerability in Drupal AI
CVE-2026-13234
Currently unrated
What is CVE-2026-13234?
A vulnerability exists in Drupal AI that allows an attacker to exploit improper input handling during web page generation, leading to Cross-Site Scripting (XSS) attacks. This can enable unauthorized access to user data or facilitate phishing attacks, compromising the security of the affected applications. All versions between 0.0.0 and 1.4.3 are susceptible to this vulnerability.
Affected Version(s)
AI (Artificial Intelligence) 0.0.0 < 1.2.17
AI (Artificial Intelligence) 1.3.0 < 1.3.8
AI (Artificial Intelligence) 1.4.0 < 1.4.3
