Skip to main content

Ui Patterns Sdc In Drupal Ui

1 CVEs product

Monthly

CVE-2026-15084 PHP MEDIUM PATCH This Month

Stored XSS in the Drupal UI Patterns (SDC in Drupal UI) contributed module allows a low-privileged authenticated attacker to inject persistent malicious scripts into web pages, which execute in the browsers of other users - including administrators - who view the affected content. Versions 2.0.0 through 2.0.17 of the module are affected, with a patch available from the Drupal security team. No public exploit identified at time of analysis, and the EPSS score of 0.25% (17th percentile) signals minimal observed exploitation pressure, though the stored nature of the XSS and potential to target privileged users elevates practical risk for sites using this module.

XSS Ui Patterns Sdc In Drupal Ui
NVD
CVSS 3.1
5.4
EPSS
0.3%
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Stored XSS in the Drupal UI Patterns (SDC in Drupal UI) contributed module allows a low-privileged authenticated attacker to inject persistent malicious scripts into web pages, which execute in the browsers of other users - including administrators - who view the affected content. Versions 2.0.0 through 2.0.17 of the module are affected, with a patch available from the Drupal security team. No public exploit identified at time of analysis, and the EPSS score of 0.25% (17th percentile) signals minimal observed exploitation pressure, though the stored nature of the XSS and potential to target privileged users elevates practical risk for sites using this module.

XSS Ui Patterns Sdc In Drupal Ui
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy