Search API Pages - Critical - Cross Site Scripting - SA-CONTRIB-2021-046

Project: Search API PagesDate: 2021-December-08Security risk: Critical 16∕25 AC:None/A:None/CI:Some/II:Some/E:Theoretical/TD:UncommonVulnerability: Cross Site ScriptingDescription: This module enables you to create simple search pages based on Search API without the use of Views.
The module doesn’t sufficiently escape all variables provided for custom templates.
This vulnerability is mitigated by the fact that the default template provided by the module is not affected.Solution: Install the latest version:

Reported By: 

Fixed By: 

Coordinated By: 

Path to article https://www.drupal.org/sa-contrib-2021-046