Jim Berry

#21244of 53,632
11.6Total CVSS
Vulnerabilities · 2
Medium
2
PT-2025-13846
4.8
2025-03-31
Drupal · Drupal Google Tag · CVE-2025-31682
**Name of the Vulnerable Software and Affected Versions** Drupal Google Tag versions 0.0.0 through 1.7.x Drupal Google Tag versions 2.0.0 through 2.0.7 **Description** The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows for Cross-Site Scripting (XSS) attacks. **Recommendations** For versions 0.0.0 through 1.7.x, update to version 1.8.0 or later. For versions 2.0.0 through 2.0.7, update to version 2.0.8 or later.
PT-2025-13847
6.8
2025-03-31
Drupal · Drupal Google Tag · CVE-2025-31683
**Name of the Vulnerable Software and Affected Versions** Drupal Google Tag versions 0.0.0 through 1.7.x Drupal Google Tag versions 2.0.0 through 2.0.7 **Description** A Cross-Site Request Forgery (CSRF) issue affects the Drupal Google Tag module, allowing unauthorized actions to be performed on behalf of a user. This issue can be exploited to perform actions without the user's knowledge or consent. **Recommendations** For versions 0.0.0 through 1.7.x, update to version 1.8.0 or later. For versions 2.0.0 through 2.0.7, update to version 2.0.8 or later.