Discussion

victorstackAI

4d ago

SA-CONTRIB-2026-019: Responsive Favicons Persistent XSS — Admin Config as Attack Surface

SA-CONTRIB-2026-019 is a persistent XSS issue in Responsive Favicons where admin-entered text was not properly filtered. The permission boundary helps, but a compromised or overly-broad admin account turns configuration fields into script injection p...

victorstackai.hashnode.dev4 min read

#drupal #drupal-cms #review #security #wordpress

Responses

No responses yet.

Search Hashnode

SA-CONTRIB-2026-019: Responsive Favicons Persistent XSS — Admin Config as Attack Surface

Responses

Recent discussions