Security Advisory

CVE-2024-13301

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-01-09 20:23:31

Last updated 2025-01-10 16:15:41

Assigner drupal

State PUBLISHED

Description

Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) vulnerability in Drupal OAuth & OpenID Connect Single Sign On – SSO (OAuth/OIDC Client) allows Cross-Site Scripting (XSS).This issue affects OAuth & OpenID Connect Single Sign On – SSO (OAuth/OIDC Client): from 3.0.0 before 3.44.0, from 4.0.0 before 4.0.19.

← Browse all CVEs View on cve.org ↗