ReportizFlow
Filtered by vendor Drupal
Subscriptions
Filtered by product Simple Hierarchical Select (shs)
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-4929 | 1 Drupal | 1 Simple Hierarchical Select (shs) | 2026-05-22 | N/A |
| Simple Hierarchical Select (SHS) for Drupal 7 contains cross-site scripting risk due to improper output escaping of term-derived text. Confirmed affected paths include field formatter output (shs_field_formatter_view) and term-tree child-term data generation (shs_term_get_children). Malicious taxonomy term names can be rendered unsafely depending on output context. This affects versions from 7.x-1.0 through (and including) 7.x-1.10. | ||||
Page 1 of 1.