DRUPAL-CONTRIB-2025-106

Import Source

JSON Data

https://api.osv.dev/v1/vulns/DRUPAL-CONTRIB-2025-106

Aliases

Published

2025-09-24T17:16:20Z

Modified

2025-12-10T23:41:18.433850Z

Summary

[none]

Details

This module enables you to store and display JSON data using optional 3rd party libraries.

The module doesn't sufficiently filter data using some of the included field formatters leading to a Cross-site Scripting (XSS) vulnerability.

References

Credits

Affected packages

Type

ECOSYSTEM

Events

Introduced

Fixed

1.5.0

Database specific

{
    "constraint": "<1.5"
}

affected_versions

"<1.5"

source

"https://github.com/DrupalSecurityTeam/drupal-advisory-database/blob/main/advisories/json_field/DRUPAL-CONTRIB-2025-106.json"