wid-sec-w-2026-2181
·
Published 2026-07-01
·
View on BSI CERT-Bund ↗
Drupal Extensions: Multiple Vulnerabilities
CVSS N/A
NONE
Risk Summary
Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Drupal ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen, Sicherheitsmaßnahmen zu umgehen und Daten zu manipulieren.
Affected Vendors
Open Source
Affected Products (14)
Open Source
·
Drupal
Canvas <1.4.2
Open Source
·
Drupal
Canvas 1.4.2
Open Source
·
Drupal
Canvas <1.5.2
Open Source
·
Drupal
Canvas 1.5.2
Open Source
·
Drupal
Canvas <1.6.1
Open Source
·
Drupal
Canvas 1.6.1
Open Source
·
Drupal
Canvas <1.7.1
Open Source
·
Drupal
Canvas 1.7.1
Open Source
·
Drupal
FlowDrop <1.6.0
Open Source
·
Drupal
FlowDrop 1.6.0
Open Source
·
Drupal
Colorbox <2.1.5
Open Source
·
Drupal
Colorbox 2.1.5
Open Source
·
Drupal
Colorbox <2.2.1
Open Source
·
Drupal
Colorbox 2.2.1
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more