Critical Cross-site Scripting Vulnerability in Drupal Core

72% confidence

Description

A critical cross-site scripting (XSS) vulnerability affecting multiple versions of Drupal core, as addressed in Drupal Security Advisory SA-CORE-2026-001.

Affected Products

Vendor	Product	Versions
drupal	drupal core	multiple versions

Related News (1 articles)

Tier B

CCCS Canada7h ago

Drupal security advisory (AV26-359)

→ No new info (linked only)

CISA KEV❌ No

Actively exploited❌ No

CWECWE-79

PublishedApr 16, 2026

Last enriched7h ago

Community Vote

0 upvotes0 downvotes

Critical Cross-site Scripting Vulnerability in Drupal Core

Description

Affected Products

Related News (1 articles)

Community Vote

Pin to Dashboard

Verification

Vulnerability Timeline