Vulnerability Details CVE-2025-3902
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Block Class allows Cross-Site Scripting (XSS).This issue affects Block Class: from 4.0.0 before 4.0.1.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 9.0%
CVSS Severity
CVSS v3 Score 6.1
References
Products affected by CVE-2025-3902
-
cpe:2.3:a:four_kitchens:block_class:4.0.0