🔐 CVE Alert

CVE-2026-10770

MEDIUM 6.1

Anti-Spam by CleanTalk - Moderately critical - Cross site scripting - SA-CONTRIB-2026-042

CVSS Score
6.1
EPSS Score
0.2%
EPSS Percentile
6th

Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal Anti-Spam by CleanTalk allows Reflected XSS. This issue affects Anti-Spam by CleanTalk versions: from 0.0.0 to 9.7.1.

CWE CWE-79
Vendor drupal
Product anti-spam by cleantalk
Ecosystems
Industries
WebMedia
Published Jul 10, 2026
Last Updated Jul 14, 2026
Stay Ahead of the Next One

Get instant alerts for drupal anti-spam by cleantalk

Be the first to know when new medium vulnerabilities affecting drupal anti-spam by cleantalk are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Drupal / Anti-Spam by CleanTalk
0.0.0 < 9.7.1

References

NVD ↗ CVE.org ↗ EPSS Data ↗
drupal.org: https://www.drupal.org/sa-contrib-2026-042

Credits

Ra Mänd (ram4nd) alexandergull anton1211 Ra Mänd (ram4nd) Neil Drumm (drumm) Greg Knaddison (greggles) Juraj Nemec (poker10)