CVE-2024-13262

CVE-2024-13262: View Password - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-026

Vendor Drupal

Product View Password

Weakness CWE-79 · XSS

Published January 9, 2025

Last update January 9, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal View Password allows Cross-Site Scripting (XSS).This issue affects View Password: from 0.0.0 before 6.0.4.

Key dates

02Disclosure timeline

January 9, 2025 CVE published

January 9, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2024-13262 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

04Related CVE

CVE-2021-34738 Cisco Identity Services Engine Cross-Site Scripting Vulnerabilities CVE-2018-8924 CVE-2024-12514 3DVieweronline <= 2.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2014-125039 kkokko NeoXplora Trainer cross site scripting CVE-2025-64559 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)