DRUPAL-CONTRIB-2026-065

Import Source
https://github.com/DrupalSecurityTeam/drupal-advisory-database/blob/main/advisories/canvas/DRUPAL-CONTRIB-2026-065.json
JSON Data
https://api.osv.dev/v1/vulns/DRUPAL-CONTRIB-2026-065
Aliases
  • CVE-2026-58587
Published
2026-07-01T17:20:16Z
Modified
2026-07-01T19:30:04.650718698Z
Summary
[none]
Details

The Canvas AI submodule allows you to upload image files via a custom API to use within the AI web chat.

These file uploads are insufficiently validated before being written to Drupal's temporary directory. In some cases, this may lead to cross-site scripting (XSS).


Affected packages

Packagist:https://packages.drupal.org/8 / drupal/canvas

Package

Name
drupal/canvas
Purl
pkg:composer/drupal%2Fcanvas

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.4.2
Database specific
{
    "constraint": "<1.4.2"
}
Type
ECOSYSTEM
Events
Introduced
1.5.0
Fixed
1.5.2
Database specific
{
    "constraint": ">=1.5.0 <1.5.2"
}
Type
ECOSYSTEM
Events
Introduced
1.6.0
Fixed
1.6.1
Database specific
{
    "constraint": ">=1.6.0 <1.6.1"
}
Type
ECOSYSTEM
Events
Introduced
1.7.0
Fixed
1.7.1
Database specific
{
    "constraint": ">=1.7.0 <1.7.1"
}

Database specific

affected_versions
"<1.4.2 || >=1.5.0 <1.5.2 || >=1.6.0 <1.6.1 || >=1.7.0 <1.7.1"
source
"https://github.com/DrupalSecurityTeam/drupal-advisory-database/blob/main/advisories/canvas/DRUPAL-CONTRIB-2026-065.json"