XSS in Drupal Ui Patterns (Sdc In Ui)

CVE-2026-15084

Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal UI Patterns (SDC in Drupal UI) allows Stored XSS. This issue affects UI Patterns (SDC in Drupal UI) versions: from 2.0.0 to 2.0.17.

Vulnerability class: XSS (Cross-Site Scripting)

Affected products

Weakness classification (CWE)

References