Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Link field display mode formatter allows Cross-Site Scripting (XSS).This issue affects Link field display mode formatter: from 0.0.0 before 1.6.0.
Metrics
Affected Vendors & Products
References
History
Tue, 02 Sep 2025 19:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Upstreamable
Upstreamable link Field Display Mode Formatter |
|
CPEs | cpe:2.3:a:upstreamable:link_field_display_mode_formatter:*:*:*:*:*:drupal:*:* | |
Vendors & Products |
Upstreamable
Upstreamable link Field Display Mode Formatter |
Wed, 28 May 2025 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
Thu, 22 May 2025 03:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
Tue, 29 Apr 2025 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
cvssV3_1
|
Wed, 02 Apr 2025 02:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Mon, 31 Mar 2025 22:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Link field display mode formatter allows Cross-Site Scripting (XSS).This issue affects Link field display mode formatter: from 0.0.0 before 1.6.0. | |
Title | Link field display mode formatter - Moderately critical - Cross site scripting - SA-CONTRIB-2025-024 | |
Weaknesses | CWE-79 | |
References |
|

Status: PUBLISHED
Assigner: drupal
Published:
Updated: 2025-04-29T15:18:04.701Z
Reserved: 2025-03-31T21:30:25.064Z
Link: CVE-2025-31695

Updated: 2025-04-29T15:17:57.796Z

Status : Analyzed
Published: 2025-03-31T22:15:22.210
Modified: 2025-09-02T18:34:54.687
Link: CVE-2025-31695


No data.