Cross-site Scripting Vulnerability in Drupal Core
CVE-2026-55808
Currently unrated
What is CVE-2026-55808?
A Cross-site Scripting (XSS) vulnerability exists within the Drupal Core, allowing attackers to inject malicious scripts into web pages. This flaw affects various versions of the Drupal Core, potentially compromising security and allowing unauthorized actions from users. Websites running affected versions are at risk and should be promptly updated to mitigate exposure to potential attacks.
Affected Version(s)
Drupal core 0.0.0 < 10.5.12
Drupal core 10.6.0 < 10.6.11
Drupal core 11.2.0 < 11.2.14
