CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-7715

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Block Attributes allows Cross-Site Scripting (XSS).This issue affects Block Attributes: from 0.0.0 before 1.1.0, from 2.0.0 before 2.0.1.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 8.1%

CVSS Severity

CVSS v3 Score 6.1

References

https://www.drupal.org/sa-contrib-2025-090

Products affected by CVE-2025-7715

Block Attributes Project » Block Attributes » Version: Any

cpe:2.3:a:block_attributes_project:block_attributes:*
Block Attributes Project » Block Attributes » Version: 2.0.0

cpe:2.3:a:block_attributes_project:block_attributes:2.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-7715

Products

Pricing

Contact Us