unknown
28/05/2026
Vulnérabilité unknown détectée - CVE-2026-4929
Simple Hierarchical Select (SHS) for Drupal 7 contains cross-site scripting risk due to improper output escaping of term-derived text. Confirmed affec...
CVE concernées (1)
Description
Simple Hierarchical Select (SHS) for Drupal 7 contains cross-site scripting risk due to improper output escaping of term-derived text. Confirmed affected paths include field formatter output (shs_field_formatter_view) and term-tree child-term data generation (shs_term_get_children). Malicious taxonomy term names can be rendered unsafely depending on output context. This affects versions from 7.x-1.0 through (and including) 7.x-1.10.
Type de vulnérabilité
- CWE-79
Recommandations
Appliquer les correctifs de sécurité fournis par le vendeur dès que possible.
Recommandations de sécurité
- Appliquer immédiatement les correctifs de sécurité
- Surveiller les systèmes pour détecter toute tentative d'exploitation