CVE-2026-58587: CWE-79 Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") in Drupal Drupal Canvas
CVE-2026-58587 is a Cross-Site Scripting (XSS) vulnerability in the Drupal Canvas product. It arises from improper neutralization of input during web page generation, allowing injection of malicious…
Read the full article11h agoen
You might also wanna read
CVE-2026-58588: CWE-79 Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") in Drupal Drupal Canvas
radar.offseq.com·11h ago
CVE-2026-58591: CWE-79 Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") in Drupal Colorbox
radar.offseq.com·11h ago
CVE-2026-55809: CWE-915 Improperly Controlled Modification of Dynamically-Determined Object Attributes in Drupal Flag attendance field
radar.offseq.com·11h ago
CVE-2026-55806: CWE-601 URL Redirection to Untrusted Site ('Open Redirect') in Drupal Drupal core
radar.offseq.com·11h ago
CVE-2026-15080: CWE-352 Cross-Site Request Forgery (CSRF) in Drupal Ray Enterprise Translation
radar.offseq.com·11h ago
CVE-2026-15082: CWE-79 Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") in Drupal Siteimprove Analytics
radar.offseq.com·11h ago
Comments
Sign in to join the conversation.
No comments yet. Be the first.