Fluid Attacks Database

Description

Drupal Ignition Cross-Site Scripting (XSS) vulnerability Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Ignition Error Pages allows Cross-Site Scripting (XSS). This issue affects Ignition Error Pages: from 0.0.0 before 1.0.4.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
packagist	drupal/ignition	>=0 <1.0.4	1.0.4

Aliases

1. CVE-2025-316792. NVD-2025-316793. OSV-2025-316794. GCVE-2025-316795. drupal.org

References

1. https://git.drupalcode.org/project/ignition

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.