drupal-pattern-lab/unified-twig-extensions

drupal-pattern-lab/unified-twig-extensions

Releases1

Frequency

Last Release almost 9 years ago

Stars9

Share Pattern Lab's custom Twig extensions with Drupal 8

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-11570 ↗	Oct 10, 2025Friday, 10 October 2025, 05:15	4.6 MEDIUM	—
Versions of the package drupal-pattern-lab/unified-twig-extensions from 0.0.0 are vulnerable to Cross-site Scripting (XSS) due to insufficient filtering of data. Note: This is exploitable only if the code is executed outside of Drupal; the function is intended to be shared between Drupal and Pattern Lab. The package drupal-pattern-lab/unified-twig-extensions is unmaintained, the fix for this issue exists in version 1.1.1 of [drupal/unified_twig_ext](https://www.drupal.org/project/unified_twig_ext)