Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal Anti-Spam by CleanTalk allows Cross-Site Scripting (XSS).This issue affects Anti-Spam by CleanTalk: from 0.0.0 before 9.7.0.
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:NCleantalk Anti Spam
APPCleantalk< 9.7.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
XSS
CWE
References
Related vulnerabilities
CVE-2024-10542CRITICAL9.8PL ✓ten sam produkt
CleanTalk Anti-Spam: nieautoryzowana instalacja wtyczek przez bypass autoryzacji
CVE-2021-24131HIGH7.2ten sam produkt
Unvalidated input in the Anti-Spam by CleanTalk WordPress plugin, versions before 5.149, lead to multiple auth...
CVE-2023-51696MEDIUM4.3ten sam produkt
Cross-Site Request Forgery (CSRF) vulnerability in СleanTalk - Anti-Spam Protection Spam protection, Anti-Spam...
CVE-2024-13365CRITICAL9.8PL ✓ten sam vendor
Nieuwierzytelniony upload plików w pluginie CleanTalk Security & Malware Scan dla WordPress
CVE-2024-10781HIGH8.1ten sam vendor
The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to unauthorized Arbit...