Drupal · Drupal Browser Back Button · CVE-2024-13308
**Name of the Vulnerable Software and Affected Versions**
Drupal Browser Back Button versions 1.0.0 through 2.0.2
**Description**
The issue is related to improper neutralization of input during web page generation, which allows Cross-Site Scripting (XSS). This can enable a remote attacker to conduct cross-site scripting attacks.
**Recommendations**
For versions 1.0.0 through 2.0.2, update to version 2.0.2 or later to resolve the issue.