Skip to main content

Ui Icons

1 CVEs product

Monthly

CVE-2026-2349 PHP MEDIUM PATCH This Month

A Cross-Site Scripting (XSS) vulnerability exists in the Drupal UI Icons module due to improper neutralization of user input during web page generation. This vulnerability affects UI Icons versions 0.0.0 through 1.0.0 and versions 1.1.0 through 1.1.0, allowing attackers to inject malicious scripts that execute in the context of victim browsers. No CVSS score, EPSS data, or confirmed KEV status is currently available; however, the XSS classification and Drupal reporting indicate this requires prompt patching to versions 1.0.1 or 1.1.1.

XSS Ui Icons
NVD VulDB
CVSS 3.1
6.1
EPSS
0.0%
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

A Cross-Site Scripting (XSS) vulnerability exists in the Drupal UI Icons module due to improper neutralization of user input during web page generation. This vulnerability affects UI Icons versions 0.0.0 through 1.0.0 and versions 1.1.0 through 1.1.0, allowing attackers to inject malicious scripts that execute in the context of victim browsers. No CVSS score, EPSS data, or confirmed KEV status is currently available; however, the XSS classification and Drupal reporting indicate this requires prompt patching to versions 1.0.1 or 1.1.1.

XSS Ui Icons
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy