CVE-2025-3902

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Block Class allows Cross-Site Scripting (XSS).This issue affects Block Class: from 4.0.0 before 4.0.1.

CVSS

No CVSS.

References

Link	Resource
https://www.drupal.org/sa-contrib-2025-043	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:four_kitchens:block_class:*:*:*:*:*:drupal:*:*

History

17 Jun 2025, 00:54

Type	Values Removed	Values Added
References	~~() https://www.drupal.org/sa-contrib-2025-043 -~~	() https://www.drupal.org/sa-contrib-2025-043 - Vendor Advisory
CPE		cpe:2.3:a:four_kitchens:block_class::::::drupal::*
First Time		Four Kitchens block Class Four Kitchens

23 Apr 2025, 17:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-23 17:16

Updated : 2025-06-17 00:54

NVD link : CVE-2025-3902

Mitre link : CVE-2025-3902

JSON object : View

Products Affected

four_kitchens

block_class

CWE

No CWE.

JSON object

Attach tags to CVE-2025-3902

Attach tags to `CVE-2025-3902`