CVE-2025-13979

Name of the Vulnerable Software and Affected Versions Drupal Mini site versions prior to 3.0.2

Description A flaw exists in Drupal Mini site that allows for Stored Cross-Site Scripting (XSS) due to unsafe actions with defined privileges. This allows an attacker to inject malicious scripts into the system, potentially compromising user accounts or website integrity.

Recommendations Update Drupal Mini site to version 3.0.2 or later.