CVE-2026-15084

CVE-2026-15084: UI Patterns (SDC in Drupal UI) - Moderately critical - Cross site scripting - SA-CONTRIB-2026-075

Vendor Drupal
Product UI Patterns (SDC in Drupal UI)
Weakness CWE-79 · XSS
Published July 10, 2026
Last update July 10, 2026

CVSS base score

What the vulnerability does

01Description

Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal UI Patterns (SDC in Drupal UI) allows Stored XSS. This issue affects UI Patterns (SDC in Drupal UI) versions: from 2.0.0 to 2.0.17.

Key dates

02Disclosure timeline

July 10, 2026 CVE published

Related vulnerabilities

04Related CVE