CVE-2026-0749

Vulnerability Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Form Builder allows Cross-Site Scripting (XSS).This issue affects Drupal: from 7.X-1.0 through 7.X-1.22.

Vulnerability Details

Published Date

January 28, 2026

Last Modified

January 29, 2026

CWE ID

CWE-79

Source

NVD

External References

https://d7es.tag1.com/security-advisories/form-builder-less-critical-cross-site-scripting
https://www.herodevs.com/vulnerability-directory/cve-2026-0749

CVE-2026-0749

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment