CVE-2024-13283

描述

This module enables you to to easily create and manage faceted search interfaces. The module doesn't sufficiently filter for malicious script leading to a reflected cross site scripting (XSS) vulnerability. The vulnerability exists in the Facets Summary submodule. If you do not use that sub module your site is not vulnerable to this issue. *Edited October 9, 2024: clarified that Facets Summary is where the vulnerability is located*

受影響套件(1)

• Packagist/drupal/facetsfrom 0, < 2.0.9

參考連結(1)

• WEBhttps://www.drupal.org/sa-contrib-2024-047