CVE-2025-47705 – Drupal IFrame Remove Filter Cross-Site Scripting (XSS)

May 14, 2025

CVE ID : CVE-2025-47705

Published : May 14, 2025, 5:15 p.m. | 1 hour, 51 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Drupal IFrame Remove Filter allows Cross-Site Scripting (XSS).This issue affects IFrame Remove Filter: from 0.0.0 before 2.0.5.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-44184 – SourceCodester Best Employee Management System Cross Site Scripting

Next Article GitHub Availability Report: April 2025

Highlights

CVE-2025-2769 – Bdrive NetDrive OpenSSL Privilege Escalation Vulnerability

April 23, 2025

CVE ID : CVE-2025-2769

Published : April 23, 2025, 5:16 p.m. | 1 hour, 42 minutes ago

Description : Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

The specific flaw exists within the configuration of OpenSSL. The product loads an OpenSSL configuration file from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-25295.

Severity: 7.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

10 Benefits of Hiring a React.js Development Company (2025–2026 Edition)

From Line To Layout: How Past Experiences Shape Your Design Career

Hire React.js Developers in the US: How to Choose the Right Team for Your Needs

Google’s coding agent Jules gets critique functionality

The best smartphones without AI features in 2025: Expert tested and recommended

GPT-5 was supposed to simplify ChatGPT but now it has 4 new modes – here’s why

Gemini just got two of ChatGPT’s best features – and they’re free

The HP OmniBook 5 laptop offers 34 hours of battery life – and it’s 60% off today only

Laravel Boost is released

Laravel Boost is released

Frontend Standards for Optimizely Configured Commerce: Clean & Scalable Web Best Practices

Live Agent Escalation in Copilot Studio Using D365 Omnichannel – Architecture and Use Case

OpenAI’s Sam Altman: GPT-5 fails to meet AGI standards amid Microsoft’s fading partnership — “it’s still missing something”

OpenAI’s Sam Altman: GPT-5 fails to meet AGI standards amid Microsoft’s fading partnership — “it’s still missing something”

You Think You Need a Monster PC to Run Local AI, Don’t You? — My Seven-Year-Old Mid-range Laptop Says Otherwise

8 Registry Tweaks that will Make File Explorer Faster and Easier to Use on Windows 11

CVE-2025-47705 – Drupal IFrame Remove Filter Cross-Site Scripting (XSS)

How the always-on generation can level up its cybersecurity game

Supply-chain dependencies: Check your resilience blind spot

CVE-2025-7557 – “Code-projects Voting System SQL Injection Vulnerability”

15 Best Free and Open Source Linux Web Servers

StreamBridge: Turning Your Offline Video Large Language Model into a Proactive Streaming Assistant

Cloudflare vs Perplexity: The Battle Over AI Web Scraping Heats Up

CVE-2025-2769 – Bdrive NetDrive OpenSSL Privilege Escalation Vulnerability

Microsoft Copilot gets OpenAI’s GPT-4o image generation support — but maybe a day late and a dollar short for the hype?

FBI, Ghana Authorities Bust $100 Million Romance Scam in Major International Extradition

CVE-2025-7021 – OpenAI Operator SaaS Fullscreen API Spoofing and UI Redressing

CVE-2025-47705 – Drupal IFrame Remove Filter Cross-Site Scripting (XSS)

Related Posts