Drupal Entity Embed
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Drupal Entity Embed.
By the Year
In 2026 there have been 0 vulnerabilities in Drupal Entity Embed. Entity Embed did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 1 | 6.10 |
It may take a day or so for new Entity Embed vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Drupal Entity Embed Security Vulnerabilities
The Entity Embed module provides a filter to allow embedding entities in content fields
CVE-2020-13673
6.1 - Medium
- February 11, 2022
The Entity Embed module provides a filter to allow embedding entities in content fields. In certain circumstances, the filter could allow an unprivileged user to inject HTML into a page when it is accessed by a trusted user with permission to embed entities. In some cases, this could lead to cross-site scripting.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Drupal Entity Embed or by Drupal? Click the Watch button to subscribe.
