CVE-2025-10931

Umami Analytics - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-109

CVSS 3.8 LOWEPSS 0.2%CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Umami Analytics allows Cross-Site Scripting (XSS).This issue affects Umami Analytics: from 0.0.0 before 1.0.1.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

Produtos afetados

Drupal · Umami Analytics

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.drupal.org/sa-contrib-2025-109