Skip to main content

At Internet Smarttag

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-0946 PHP MEDIUM PATCH This Month

Cross-site scripting in the AT Internet SmartTag Drupal module versions before 1.0.1 enables attackers to inject malicious scripts through improper input validation on web pages. An attacker can exploit this vulnerability remotely without authentication to steal session cookies, perform actions on behalf of users, or deface content, though user interaction is required for successful exploitation. No patch is currently available for affected Drupal installations.

XSS Drupal At Internet Smarttag
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-0946 PHP
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Cross-site scripting in the AT Internet SmartTag Drupal module versions before 1.0.1 enables attackers to inject malicious scripts through improper input validation on web pages. An attacker can exploit this vulnerability remotely without authentication to steal session cookies, perform actions on behalf of users, or deface content, though user interaction is required for successful exploitation. No patch is currently available for affected Drupal installations.

XSS Drupal At Internet Smarttag
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy