Back to Codebase
Vulnerability Analysis Report
Drupal Core v4.1.0
Scan ID: SCAN-DRUPAL-CORE-sWwc9Y • Hash: c0826819
Severity Score
Medium
Total Findings
1
Engine Version
ECOMGUARD-HYBRID-AST-1.5
Scan Duration
1.102s
Vulnerability Details
L19
Cross-Site Scripting (XSS) in admin.php
CWE-79
File Location:
admin.php:19
Security Score:
84 / 100
Confirmed Issue
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.
Heuristics Diff
- <title><?php echo variable_get("site_name", "drupal") . " " . t("administration pages"); ?></title>
+ echo htmlspecialchars(variable_get("site_name", "drupal") . " " . t("administration pages"), ENT_QUOTES, "UTF-8");