Project: 
JSON Field
Date: 
2025-September-24
Security risk: 
Critical 15 ∕ 25 AC:Basic/A:None/CI:Some/II:Some/E:Theoretical/TD:Default
Vulnerability: 
Cross Site Scripting
Affected versions: 
<1.5
CVE IDs: 
CVE-2025-10926
Description: 

This module enables you to store and display JSON data using optional 3rd party libraries.

The module doesn't sufficiently filter data using some of the included field formatters leading to a Cross-site Scripting (XSS) vulnerability.

Solution: 

Install the latest version:

Reported By: 
Fixed By: 
Coordinated By: