logo

Database

Reflected cross-site scripting (XSS) In drupal/miniorange_saml

Description

This module enables you to perform SAML protocol-based single sign-on (SSO) on a Drupal site.

The module doesn't sufficiently sanitize user input, leading to a reflected Cross-site scripting (XSS) vulnerability.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2026-32172. NVD-2026-32173. OSV-DRUPAL-CONTRIB-2026-0184. OSV-2026-32175. GCVE-2026-32176. drupal.org

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.