Cross-site Scripting Vulnerability in Drupal AI SEO/GEO Analyzer
CVE-2026-15085

Currently unrated

Key Information:

Vendor

Drupal

Vendor
CVE Published:
10 July 2026

What is CVE-2026-15085?

A Cross-site Scripting vulnerability has been identified in the AI SEO/GEO Analyzer for Drupal, which allows attackers to inject malicious scripts into web pages. This could lead to the execution of unauthorized actions on behalf of users who visit the affected web pages. The flaw impacts versions ranging from 0.0.0 to 1.1.3, underlining the importance of timely updates to safeguard against potential exploitation.

Affected Version(s)

AI SEO/GEO Analyzer 0.0.0 < 1.1.3

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Drew Webber (mcdruid)
Juhani Väätäjä (j-vee)
Greg Knaddison (greggles)
Drew Webber (mcdruid)
.