Affected Products
Vendor / product matrix with CVE counts sourced from the CPE catalog.
Products
1 vendor| Vendor | Products | CVEs | KEV | Avg EPSS | Worst Severity |
|---|---|---|---|---|---|
| 1 | 1 | 0 | 15.5% | MEDIUM |
Related CVEs
1| CVE ID | Description | Severity | CVSS | KEV | EPSS | Published | |
|---|---|---|---|---|---|---|---|
| CVE-2022-50957 | Drupal avatar_uploader 7.x-1.0-beta8 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the file parameter. Attackers can craft URLs with script payloads in the file parameter of avatar_uploader.pages.inc to execute arbitrary JavaScript in victim browsers. | MEDIUM | 5.1 | — | 15.5% | May 10, 2026 |