CVE-2026-0946

AT Internet SmartTag - Moderately critical - Cross-site Scripting - SA-CONTRIB-2026-003

Description

Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal AT Internet SmartTag allows Cross-Site Scripting (XSS).This issue affects AT Internet SmartTag: from 0.0.0 before 1.0.1.

INFO

Published Date :

2026-02-04T20:25:39.200Z

Last Modified :

2026-02-06T20:35:38.434Z

Source :

drupal

AFFECTED PRODUCTS

The following products are affected by CVE-2026-0946 vulnerability.

Vendors	Products
Bordeaux-metropole	At Internet Smarttag
Drupal	At Internet Smarttag

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-0946.

URL	Resource
https://www.drupal.org/sa-contrib-2026-003

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact