CVE-2024-55635

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-55635

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-55635.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-55635

Aliases

BIT-drupal-2024-55635

Downstream

UBUNTU-CVE-2024-55635

Published

2024-12-10T00:15:22Z

Modified

2025-07-01T16:12:28.912437Z

Summary

[none]

Details

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Drupal Core allows Cross-Site Scripting (XSS).This issue affects Drupal Core: from 7.0 before 7.102.

References

https://www.drupal.org/sa-core-2024-005

Affected packages

Git / github.com/drupal/drupal

Affected ranges

Type: GIT
Repo: https://github.com/drupal/drupal
Events: Introduced

497914920385b7016ac9c9367e0198530787adf2

Fixed

fa67320cf2109f1102201da5f66fd189c56f8b25

Affected versions

7.*

7.0

7.1

7.10

7.100

7.101

7.11

7.12

7.13

7.14

7.15

7.16

7.17

7.18

7.19

7.2

7.20

7.21

7.22

7.23

7.24

7.25

7.26

7.27

7.28

7.29

7.3

7.30

7.31

7.32

7.33

7.34

7.35

7.36

7.37

7.38

7.39

7.4

7.40

7.41

7.42

7.43

7.44

7.5

7.50

7.51

7.52

7.53

7.54

7.55

7.56

7.57

7.58

7.59

7.6

7.60

7.61

7.62

7.63

7.64

7.65

7.66

7.67

7.68

7.69

7.7

7.70

7.71

7.72

7.73

7.74

7.75

7.76

7.77

7.78

7.79

7.8

7.80

7.81

7.82

7.83

7.84

7.85

7.86

7.87

7.88

7.89

7.9

7.90

7.91

7.92

7.93

7.94

7.95

7.96

7.97

7.98

7.99