Very Low(1 user assessed)
Moderate(1 user assessed)
Command and Control
Drupal 8 and 9 have a reflected cross-site scripting (XSS) vulnerability under certain circumstances.
An attacker could leverage the way that HTML is rendered for affected forms in order to exploit the vulnerability.
Report as Exploited in the Wild
What do we mean by "exploited in the wild"?
By selecting this, you are verifying to the AttackerKB community that either you, or a reputable source (example: a security vendor or researcher), has observed an active attempt by attackers, or IOCs related, to exploit this vulnerability outside of a research environment.
A vulnerability should also be considered "exploited in the wild" if there is a publicly available PoC or exploit (example: in an exploitation framework like Metasploit).