CVE-2025-12083 | CivicTheme Design System up to 1.11.x on Drupal cross site scripting (sa-contrib-2025-113)

Inserito da Angelo Barbosa | Ott 30, 2025 | CVE

A vulnerability marked as problematic has been reported in CivicTheme Design System up to 1.11.x on Drupal. This impacts an unknown function. Performing manipulation results in cross site scripting.

This vulnerability is reported as CVE-2025-12083. The attack is possible to be carried out remotely. No exploit exists.

It is suggested to upgrade the affected component.

CVE-2025-12083 | CivicTheme Design System up to 1.11.x on Drupal cross site scripting (sa-contrib-2025-113)

Post correlati

CVE-2024-29131 | Apache Commons Configuration up to 2.10.0 out-of-bounds write

CVE-2025-12347 | MaxSite CMS up to 109 save-file-ajax.php file_path/content unrestricted upload

CVE-2024-3246 | LiteSpeed Cache Plugin up to 6.2.0.1 on WordPress cross-site request forgery

CVE-2024-32292 | Tenda W30E 1.0.1.25(633) formexeCommand cmdinput command injection