{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-3217", "assignerOrgId": "2c85b837-eb8b-40ed-9d74-228c62987387", "state": "PUBLISHED", "assignerShortName": "drupal", "dateReserved": "2026-02-25T16:59:33.466Z", "datePublished": "2026-03-25T15:24:30.977Z", "dateUpdated": "2026-03-25T19:59:46.310Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "2c85b837-eb8b-40ed-9d74-228c62987387", "shortName": "drupal", "dateUpdated": "2026-03-25T15:24:30.977Z"}, "title": "SAML SSO - Service Provider - Critical - Cross-site scripting - SA-CONTRIB-2026-018", "datePublic": "2026-02-25T18:51:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\"Cross-site Scripting\")", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-63", "descriptions": [{"lang": "en", "value": "CAPEC-63 Cross-Site Scripting (XSS)"}]}], "affected": [{"vendor": "Drupal", "product": "SAML SSO - Service Provider", "collectionURL": "https://www.drupal.org/project/miniorange_saml", "repo": "https://git.drupalcode.org/project/miniorange_saml", "versions": [{"status": "affected", "version": "0.0.0", "lessThan": "3.1.3", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (\"Cross-site Scripting\") vulnerability in Drupal SAML SSO - Service Provider allows Cross-Site Scripting (XSS).This issue affects SAML SSO - Service Provider: from 0.0.0 before 3.1.3.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Improper Neutralization of Input During Web Page Generation (\"Cross-site Scripting\") vulnerability in Drupal SAML SSO - Service Provider allows Cross-Site Scripting (XSS).<p>This issue affects SAML SSO - Service Provider: from 0.0.0 before 3.1.3.</p>"}]}], "references": [{"url": "https://www.drupal.org/sa-contrib-2026-018"}], "credits": [{"lang": "en", "value": "Drew Webber (mcdruid)", "type": "finder"}, {"lang": "en", "value": "Sudhanshu Dhage (sudhanshu0542)", "type": "remediation developer"}, {"lang": "en", "value": "Drew Webber (mcdruid)", "type": "coordinator"}, {"lang": "en", "value": "Juraj Nemec (poker10)", "type": "coordinator"}, {"lang": "en", "value": "Jess (xjm)", "type": "coordinator"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-25T19:59:29.225129Z", "id": "CVE-2026-3217", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-25T19:59:46.310Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-3217", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-25T19:59:29.225129Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-25T19:59:39.723Z"}}], "cna": {"title": "SAML SSO - Service Provider - Critical - Cross-site scripting - SA-CONTRIB-2026-018", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Drew Webber (mcdruid)"}, {"lang": "en", "type": "remediation developer", "value": "Sudhanshu Dhage (sudhanshu0542)"}, {"lang": "en", "type": "coordinator", "value": "Drew Webber (mcdruid)"}, {"lang": "en", "type": "coordinator", "value": "Juraj Nemec (poker10)"}, {"lang": "en", "type": "coordinator", "value": "Jess (xjm)"}], "impacts": [{"capecId": "CAPEC-63", "descriptions": [{"lang": "en", "value": "CAPEC-63 Cross-Site Scripting (XSS)"}]}], "affected": [{"repo": "https://git.drupalcode.org/project/miniorange_saml", "vendor": "Drupal", "product": "SAML SSO - Service Provider", "versions": [{"status": "affected", "version": "0.0.0", "lessThan": "3.1.3", "versionType": "semver"}], "collectionURL": "https://www.drupal.org/project/miniorange_saml", "defaultStatus": "unaffected"}], "datePublic": "2026-02-25T18:51:00.000Z", "references": [{"url": "https://www.drupal.org/sa-contrib-2026-018"}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (\"Cross-site Scripting\") vulnerability in Drupal SAML SSO - Service Provider allows Cross-Site Scripting (XSS).This issue affects SAML SSO - Service Provider: from 0.0.0 before 3.1.3.", "supportingMedia": [{"type": "text/html", "value": "Improper Neutralization of Input During Web Page Generation (\"Cross-site Scripting\") vulnerability in Drupal SAML SSO - Service Provider allows Cross-Site Scripting (XSS).<p>This issue affects SAML SSO - Service Provider: from 0.0.0 before 3.1.3.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\"Cross-site Scripting\")"}]}], "providerMetadata": {"orgId": "2c85b837-eb8b-40ed-9d74-228c62987387", "shortName": "drupal", "dateUpdated": "2026-03-25T15:24:30.977Z"}}}, "cveMetadata": {"cveId": "CVE-2026-3217", "state": "PUBLISHED", "dateUpdated": "2026-03-25T19:59:46.310Z", "dateReserved": "2026-02-25T16:59:33.466Z", "assignerOrgId": "2c85b837-eb8b-40ed-9d74-228c62987387", "datePublished": "2026-03-25T15:24:30.977Z", "assignerShortName": "drupal"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (\"Cross-site Scripting\") vulnerability in Drupal SAML SSO - Service Provider allows Cross-Site Scripting (XSS).This issue affects SAML SSO - Service Provider: from 0.0.0 before 3.1.3."}], "id": "CVE-2026-3217", "lastModified": "2026-03-26T15:13:15.790", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-25T16:16:22.917", "references": [{"source": "mlhess@drupal.org", "url": "https://www.drupal.org/sa-contrib-2026-018"}], "sourceIdentifier": "mlhess@drupal.org", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "mlhess@drupal.org", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0.0.0,3.1.3)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "SAML SSO - Service Provider", "source": "cna", "vendor": "Drupal"}, "product": "saml_sso_-_service_provider", "vendor": "drupal"}], "analysis": {"en": {"generated_at": "2026-03-25T21:55:09.688328+00:00", "value": {"mitigation_remediation": ["Upgrade Drupal SAML SSO - Service Provider to version 3.1.3 or later, following the vendor's patch guidelines as documented at https://www.drupal.org/sa-contrib-2026-018."], "summary": {"action": "Patch immediately", "impact": "Cross\u2011Site Scripting"}, "threat_synthesis": {"affected_systems": "The affected product is the Drupal SAML SSO - Service Provider module. Versions from 0.0.0 up to, but not including, 3.1.3 are vulnerable. Users running any of these releases should identify their deployment and assess the version in use.", "description_and_impact": "A cross\u2011site scripting vulnerability exists in Drupal SAML SSO - Service Provider. Improper neutralization of user input during web page generation allows an attacker to inject arbitrary scripts into the browser context of legitimate users. This flaw can lead to theft of session cookies, credential hijacking, and execution of arbitrary actions on behalf of the user, compromising confidentiality and integrity of user data.", "risk_and_exploitability": "The CVSS base score of 6.1 indicates a moderate severity, and the vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog. No EPSS score is available, so the precise likelihood of exploitation is unclear. Based on the description, the attack vector is likely remote; an attacker would craft a malicious SAML assertion or manipulate request parameters that the Service Provider renders, thereby delivering the XSS payload to the victim\u2019s browser."}}}}, "created": "2026-03-25T21:31:00.133303+00:00", "updated": "2026-03-26T12:13:19.652651+00:00", "vendors": ["drupal", "drupal$PRODUCT$saml_sso_-_service_provider"]}