CVE-2026-3213

Name of the Vulnerable Software and Affected Versions Drupal Anti-Spam by CleanTalk versions prior to 9.7.0

Description The software contains a flaw related to improper handling of user-supplied data during web page creation, which could allow for Cross-Site Scripting (XSS) attacks. The issue exists because the software does not adequately sanitize user input. The vulnerability is limited in scope as it only affects users who are challenged or blocked by the firewall.

Recommendations Update to version 9.7.0 or later.