CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-3217

Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal SAML SSO - Service Provider allows Cross-Site Scripting (XSS).This issue affects SAML SSO - Service Provider: from 0.0.0 before 3.1.3.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 9.0%

CVSS Severity

CVSS v3 Score 6.1

References

https://www.drupal.org/sa-contrib-2026-018

Products affected by CVE-2026-3217

Miniorange » Saml Sso - Service Provider » Version: Any

cpe:2.3:a:miniorange:saml_sso_-_service_provider:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-3217

Products

Pricing

Contact Us