Total vulnerabilities in the database
Cross-site Scripting (XSS) vulnerability in Drupal core's sanitization API fails to properly filter cross-site scripting under certain circumstances. This issue affects: Drupal Core 9.1.x versions prior to 9.1.7; 9.0.x versions prior to 9.0.12; 8.9.x versions prior to 8.9.14; 7.x versions prior to 7.80.
| Software | From | Fixed in |
|---|---|---|
| drupal / drupal | 9.1.0 | 9.1.7 |
| drupal / drupal | 9.0.0 | 9.0.12 |
| drupal / drupal | 8.9.0 | 8.9.14 |
| drupal / drupal | - | 7.80 |