Home

Description

Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal AI SEO/GEO Analyzer allows Stored XSS. This issue affects AI SEO/GEO Analyzer versions: from 0.0.0 to 1.1.3.

PUBLISHED Reserved 2026-07-08 | Published 2026-07-10 | Updated 2026-07-13 | Assigner drupal

Problem types

CWE-79 Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting")

Product status

0.0.0 (semver) before 1.1.3
affected

Credits

Drew Webber (mcdruid) finder

Juhani Väätäjä (j-vee) remediation developer

Greg Knaddison (greggles) coordinator

Drew Webber (mcdruid) coordinator

References

www.drupal.org/sa-contrib-2026-076

cve.org (CVE-2026-15085)

nvd.nist.gov (CVE-2026-15085)

Download JSON