CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Drupal: >> Entity Embed Security Vulnerabilities

CVE-2020-13673

The Entity Embed module provides a filter to allow embedding entities in content fields. In certain circumstances, the filter could allow an unprivileged user to inject HTML into a page when it is accessed by a trusted user with permission to embed entities. In some cases, this could lead to cross-site scripting.

CVSS Score

6.1

EPSS Score

0.003

Published

2022-02-11

Page 1

Vulnerabilities

Vulnerable Software

Drupal: >> Entity Embed Security Vulnerabilities

Products

Pricing

Contact Us