CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-6676

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Simple XML sitemap allows Cross-Site Scripting (XSS).This issue affects Simple XML sitemap: from 0.0.0 before 4.2.2.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 6.1%

CVSS Severity

CVSS v3 Score 5.4

References

https://www.drupal.org/sa-contrib-2025-083

Products affected by CVE-2025-6676

Gbyte » Simple Xml Sitemap » Version: 4.0.0

cpe:2.3:a:gbyte:simple_xml_sitemap:4.0.0
Gbyte » Simple Xml Sitemap » Version: 4.1.1

cpe:2.3:a:gbyte:simple_xml_sitemap:4.1.1
Gbyte » Simple Xml Sitemap » Version: 4.1.2

cpe:2.3:a:gbyte:simple_xml_sitemap:4.1.2
Gbyte » Simple Xml Sitemap » Version: 4.1.3

cpe:2.3:a:gbyte:simple_xml_sitemap:4.1.3
Gbyte » Simple Xml Sitemap » Version: 4.1.4

cpe:2.3:a:gbyte:simple_xml_sitemap:4.1.4
Gbyte » Simple Xml Sitemap » Version: 4.1.5

cpe:2.3:a:gbyte:simple_xml_sitemap:4.1.5
Gbyte » Simple Xml Sitemap » Version: 4.1.6

cpe:2.3:a:gbyte:simple_xml_sitemap:4.1.6
Gbyte » Simple Xml Sitemap » Version: 4.1.7

cpe:2.3:a:gbyte:simple_xml_sitemap:4.1.7
Gbyte » Simple Xml Sitemap » Version: 4.1.8

cpe:2.3:a:gbyte:simple_xml_sitemap:4.1.8
Gbyte » Simple Xml Sitemap » Version: 4.1.9

cpe:2.3:a:gbyte:simple_xml_sitemap:4.1.9
Gbyte » Simple Xml Sitemap » Version: 4.2.0

cpe:2.3:a:gbyte:simple_xml_sitemap:4.2.0
Gbyte » Simple Xml Sitemap » Version: 4.2.1

cpe:2.3:a:gbyte:simple_xml_sitemap:4.2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-6676

Products

Pricing

Contact Us