At Internet Smarttag

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-0946 MEDIUM PATCH This Month

Cross-site scripting in the AT Internet SmartTag Drupal module versions before 1.0.1 enables attackers to inject malicious scripts through improper input validation on web pages. An attacker can exploit this vulnerability remotely without authentication to steal session cookies, perform actions on behalf of users, or deface content, though user interaction is required for successful exploitation. No patch is currently available for affected Drupal installations.

Drupal XSS At Internet Smarttag

NVD

CVSS 3.1

6.1

EPSS

0.0%

CVE-2026-0946

EPSS 0% CVSS 6.1

MEDIUM PATCH This Month

Cross-site scripting in the AT Internet SmartTag Drupal module versions before 1.0.1 enables attackers to inject malicious scripts through improper input validation on web pages. An attacker can exploit this vulnerability remotely without authentication to steal session cookies, perform actions on behalf of users, or deface content, though user interaction is required for successful exploitation. No patch is currently available for affected Drupal installations.

Drupal XSS At Internet Smarttag

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy