XSS in Drupal Ui Patterns (Sdc In Ui)
CVE-2026-15084
Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal UI Patterns (SDC in Drupal UI) allows Stored XSS. This issue affects UI Patterns (SDC in Drupal UI) versions: from 2.0.0 to 2.0.17.
Vulnerability class: XSS (Cross-Site Scripting)
Affected products
- Drupal Ui Patterns (Sdc In Ui) — versions 2.0.0