Security Advisory

CVE-2020-13673

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-02-11 15:35:11

Last updated 2024-08-04 12:25:16

Assigner drupal

State PUBLISHED

Description

The Entity Embed module provides a filter to allow embedding entities in content fields. In certain circumstances, the filter could allow an unprivileged user to inject HTML into a page when it is accessed by a trusted user with permission to embed entities. In some cases, this could lead to cross-site scripting.

← Browse all CVEs View on cve.org ↗