logo

Database

Server side cross-site scripting In drupal/cookiebot_gtm

Description

This module makes it possible for you to integrate Cookiebot and Google Tag Manager in a fast and simple way.

The module doesn't sufficiently filter for malicious script leading to a persistent cross site scripting (XSS) vulnerability.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2024-132892. NVD-2024-132893. OSV-DRUPAL-CONTRIB-2024-0554. OSV-2024-132895. GCVE-2024-132896. drupal.org

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.