Severity by source
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Network-accessible with no auth required; victim interaction mandatory; scope changes to browser; confidentiality and integrity limited to session/page context, no availability impact.
Primary rating from Vendor (drupal).
CVSS VectorVendor: drupal
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Lifecycle Timeline
4DescriptionCVE.org
Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal AI (Artificial Intelligence) allows Cross-Site Scripting (XSS). This issue affects AI (Artificial Intelligence) versions: from 0.0.0 to 1.2.17, from 1.3.0 to 1.3.8, from 1.4.0 to 1.4.3.
AnalysisAI
Cross-site scripting in the Drupal AI (Artificial Intelligence) contributed module exposes sites to session hijacking and malicious content injection when users interact with unsanitized AI-generated or AI-related output rendered in the browser. The module fails to properly neutralize user-controlled or AI-sourced input before including it in generated web pages, allowing an unauthenticated remote attacker to craft a payload that executes in a victim's browser upon interaction. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires that the target Drupal site has the AI (Artificial Intelligence) contributed module installed and enabled in an affected version (0.0.0-pre-1.2.17, 1.3.0-pre-1.3.8, or 1.4.0-pre-1.4.3). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | Real-world risk is moderate despite a medium CVSS of 6.1. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker crafts a malicious URL or submits input to a Drupal page that triggers the AI module to reflect unsanitized content back into the HTML response. When a logged-in Drupal user (such as a site administrator or editor) is socially engineered into visiting the crafted URL, the injected JavaScript executes in their browser, potentially stealing their session cookie or performing privileged actions on their behalf within the Drupal site. … |
| Remediation | Upgrade the Drupal AI module to a patched release per the active branch in use: 1.2.17 or later for the 1.2.x branch, 1.3.8 or later for the 1.3.x branch, or 1.4.3 or later for the 1.4.x branch. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Ai Artificial Intelligence
View allDrupal AI module versions 0.0.0 before 1.1.11 and 1.2.0 before 1.2.12 contain an incorrect authorization vulnerability (
Forceful browsing exposure in Drupal's AI (Artificial Intelligence) contributed module permits high-privileged authentic
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-43058
GHSA-q48q-x876-9gr8