CVE-2025-6676 – Drupal Simple XML Sitemap Cross-Site Scripting (XSS)

June 26, 2025

CVE ID : CVE-2025-6676

Published : June 26, 2025, 2:15 p.m. | 49 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Drupal Simple XML sitemap allows Cross-Site Scripting (XSS).This issue affects Simple XML sitemap: from 0.0.0 before 4.2.2.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6677 – Drupal Paragraphs Cross-Site Scripting (XSS) Vulnerability

Next Article CVE-2025-6675 – Drupal Enterprise MFA – TFA Authentication Bypass

Highlights

CVE-2025-5147 – Netcore NBR1005GPEV2, NBR200V2, B6V2 Command Injection Vulnerability

May 25, 2025

CVE ID : CVE-2025-5147

Published : May 25, 2025, 12:15 p.m. | 40 minutes ago

Description : A vulnerability was found in Netcore NBR1005GPEV2, NBR200V2 and B6V2 up to 20250508 and classified as critical. This issue affects the function tools_ping of the file /usr/bin/network_tools. The manipulation of the argument url leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

tRPC vs GraphQL vs REST: Choosing the right API design for modern web applications

Jakarta EE 11 Platform launches with modernized Test Compatibility Kit framework

Can Good UX Protect Older Users From Digital Scams?

Warp 2.0 evolves terminal experience into an Agentic Development Environment

The top 4 Bluetooth speakers I’m taking everywhere this summer (including a surprise pick)

Your Android phone is getting a big security upgrade for free – here’s what’s new

How a 5-minute circuit scan saved me hundreds (and exposed a serious wiring surprise)

Using AI saves teachers ‘six weeks per year,’ Gallup poll finds – but at what cost?

billboard.js 3.16.0 release: ✨ bar trending line & improved resizing performance!

billboard.js 3.16.0 release: ✨ bar trending line & improved resizing performance!

ISO 20022 – End of MT Coexistence for Cash Instructions Fast Approaching

Building Trust and Shaping the Future: Implementing Responsible AI – Part 2

Windows 11 KB5060826 fixes slow Search, direct download links

Windows 11 KB5060826 fixes slow Search, direct download links

Rilasciata Tails 6.17: Più Privacy e Sicurezza con le Nuove Funzionalità

Rilasciata Deepin 25: La distribuzione GNU/Linux immutabile con assistente vocale e pacchetti universali

CVE-2025-6676 – Drupal Simple XML Sitemap Cross-Site Scripting (XSS)

Citrix Bleed 2 flaw now believed to be exploited in attacks

Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign

This AR headset is changing how surgeons see inside their patients

Distribution Release: deepin 23.1

CVE-2025-5117 – WordPress Property Plugin Privilege Escalation Vulnerability

How to Work Better with Git in Teams

CVE-2025-5147 – Netcore NBR1005GPEV2, NBR200V2, B6V2 Command Injection Vulnerability

Upgraded to @Angular Version 19

CVE-2025-4465 – iSourcecode Gym Management System SQL Injection Vulnerability

ALPHAONE: A Universal Test-Time Framework for Modulating Reasoning in AI Models

CVE-2025-6676 – Drupal Simple XML Sitemap Cross-Site Scripting (XSS)

Related Posts