A vulnerability was found in Drupal up to 2.0.17. It has been declared as problematic. This affects an unknown part of the component UI Patterns. Executing a manipulation can lead to cross site scripting.
This vulnerability appears as CVE-2026-15084. The attack may be performed from remote. There is no available exploit.