CVE-2025-6677

5.4 MEDIUM

📋 TL;DR

Paragraphs table, a contributed Drupal module, lets script injected into the content it renders reach the page unescaped, so the script runs in the browser of anyone who views that content. Drupal sites running Paragraphs table 2.0.0 through 2.0.4 are affected; 2.0.5 fixes it. The script runs with the viewer's Drupal session, so it can perform actions as that user or redirect them. Drupal marks its session cookie HttpOnly by default, so the cookie itself normally cannot be read from script; the realistic risk is session riding rather than cookie theft.

💻 Affected Systems

Products:
  • Drupal Paragraphs table module
Versions: 2.0.0 through 2.0.4
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Drupal sites with Paragraphs table module installed and enabled.

📦 What is this software?

Paragraphs table is a contributed Drupal module that renders the items of a Paragraphs reference field as an HTML table (one row per paragraph item, one column per field) instead of the default stacked rendering. It depends on the Paragraphs module and runs on content display, so anything it emits without escaping ends up in pages served to every visitor of that content.

⚠️ Risk & Real-World Impact

🔴 Worst Case

An administrator views content carrying the payload; script running in their session creates accounts, changes site configuration, or installs a backdoor, giving the attacker control of the site. Reading the session cookie is blocked while Drupal's default HttpOnly session setting is in place, but the script does not need the cookie: it can issue authenticated requests from the victim's browser.

🟠 Likely Case

Ordinary users who view the affected content have actions performed in their name, see defaced content, or are redirected to attacker-controlled pages.

🟢 If Mitigated

With the module uninstalled, or a Content Security Policy that blocks inline script, injected markup is not executed and the impact is limited to stored junk in content. The vulnerable code remains until 2.0.5 is installed.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

XSS needs little skill once the injection point is known: a payload is placed where the module renders it and fires when a user views the page. Check the vendor advisory for the exact precondition; Drupal contrib XSS advisories normally state which permission an attacker needs, and that decides whether the "Unauthenticated" entry above really applies to a given site's permission setup.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.0.5

Vendor Advisory: https://www.drupal.org/sa-contrib-2025-084

Restart Required: No

Instructions:

1. Update the Paragraphs table module to 2.0.5 or later with Composer (or Drupal's update manager on sites that do not use Composer).
2. Rebuild Drupal's caches, so that pages rendered by the old code are not served from cache.
3. Confirm the installed version reads 2.0.5 or later and that the module is still enabled.

🔧 Temporary Workarounds

Uninstall Paragraphs table module

Applies to: all

Drupal 8 and later have no "disabled" state for modules, so the module has to be uninstalled until the fixed release can be installed. Uninstalling removes configuration that depends on the module (entity display settings that use its plugins), so export configuration first and expect to re-select the formatter after reinstalling. The underlying paragraph field data belongs to the Paragraphs module and is not deleted.

drush pm:uninstall paragraphs_table

Implement Content Security Policy

Applies to: all

Add a Content-Security-Policy header that restricts script-src to trusted origins and omits 'unsafe-inline', so injected inline script is blocked even though the markup still reaches the page. Roll it out as Content-Security-Policy-Report-Only first: contrib modules and themes sometimes rely on inline scripts, and a strict policy breaks them until the site has been reviewed. CSP limits impact; it does not remove the vulnerability.

🧯 If You Can't Patch

  • Uninstall the Paragraphs table module entirely (see the workaround above for the configuration it takes with it)
  • Add web application firewall rules for common XSS patterns, matching URL-encoded forms as well; treat this as a stopgap, since filter bypasses are routine

🔍 How to Verify

Check if Vulnerable:

Confirm the module is present (Drupal's Extend page at /admin/modules, drush pm:list, or the Composer lock file) and read its version. Code in the 2.0.0 through 2.0.4 range that is present but uninstalled cannot render anything yet, but it should still be updated before anyone enables it.

Check Version:

drush pm:list | grep paragraphs_table
composer show drupal/paragraphs_table | grep versions

Verify Fix Applied:

Both commands must report 2.0.5 or later. Compare the version numerically, not as text (2.0.10 sorts below 2.0.5 in a plain string comparison), and confirm the cache rebuild ran, since cached pages rendered by the old code are served until it does.
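A scripted form of the check above, added here as an example; it is not code from the Drupal project or the module maintainers. It assumes the default column layout of `drush pm:list` (machine name in parentheses in the Name column, version in the last column) and the `versions : * x.y.z` line printed by `composer show`; the sample output it parses is constructed so the script runs offline. On a real site, pipe the live output of either command into the matching function.

```shell
#!/bin/sh
# Added example, not code from the advisory or the module project.
# Decides whether an installed Paragraphs table release falls in the affected
# range given on this page (2.0.0 through 2.0.4, fixed in 2.0.5). The sample
# `drush pm:list` and `composer show` output below is constructed so the
# script runs offline; on a real site pipe the live command output in instead.

FIXED_VERSION=2.0.5
FIRST_AFFECTED=2.0.0

# vercmp A B: print -1, 0 or 1 for A<B, A==B, A>B, comparing each dotted
# component numerically (a plain string compare would rank 2.0.10 below 2.0.5).
vercmp() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            xi = (i <= na) ? x[i] + 0 : 0
            yi = (i <= nb) ? y[i] + 0 : 0
            if (xi < yi) { print -1; exit }
            if (xi > yi) { print  1; exit }
        }
        print 0
    }'
}

# pt_affected VERSION: succeed (exit 0) when VERSION needs the update.
# Anything that is not a plain x.y.z release (2.0.5-dev, 2.x-dev, 8.x-1.0)
# is reported as affected so it gets looked at by hand rather than waved through.
pt_affected() {
    case "$1" in
        [0-9]*.[0-9]*.[0-9]*) ;;
        *) return 0 ;;
    esac
    case "$1" in *-*) return 0 ;; esac
    [ "$(vercmp "$1" "$FIRST_AFFECTED")" -ge 0 ] &&
    [ "$(vercmp "$1" "$FIXED_VERSION")" -lt 0 ]
}

# pt_version_from_drush: read `drush pm:list` output on stdin and print the
# version column for paragraphs_table, or nothing if the module is absent.
pt_version_from_drush() {
    awk '/\(paragraphs_table\)/ { print $NF; exit }'
}

# pt_version_from_composer: read `composer show drupal/paragraphs_table`
# output on stdin and print the installed version from its "versions" line.
pt_version_from_composer() {
    sed -n 's/^versions[[:space:]]*:[[:space:]]*\*[[:space:]]*//p' | head -n 1
}

# pt_verdict VERSION: one token a script or ticket can act on.
pt_verdict() {
    if [ -z "$1" ]; then
        echo "not-installed"
    elif pt_affected "$1"; then
        echo "affected $1"
    else
        echo "ok $1"
    fi
}

# Constructed sample output (not captured from a real site).
SAMPLE_DRUSH=' Package      Name                                  Status   Version
 Paragraphs   Paragraphs (paragraphs)               Enabled  1.17.0
 Paragraphs   Paragraphs table (paragraphs_table)   Enabled  2.0.4'

SAMPLE_COMPOSER='name     : drupal/paragraphs_table
versions : * 2.0.5'

pt_verdict "$(printf '%s\n' "$SAMPLE_DRUSH" | pt_version_from_drush)"
pt_verdict "$(printf '%s\n' "$SAMPLE_COMPOSER" | pt_version_from_composer)"
```

The two parsers are deliberately separate: on a Composer-managed site the lock file is the source of truth for what is on disk, while `drush pm:list` also tells you whether the module is enabled, which is what decides whether the formatter can run at all.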

📡 Detection & Monitoring

Log Indicators:

  • POST requests to content edit forms (/node/add/*, /node/*/edit, where Paragraphs fields are edited) from accounts that do not normally author content, or to any path containing paragraphs_table
  • Script tags, event-handler attributes (onerror=, onload=) or javascript: URLs in form submissions, including their URL-encoded forms (%3Cscript%3E)

Network Indicators:

  • Script markup in request URIs or bodies, plain or URL-encoded
  • Responses that redirect users away from the Drupal site to unexpected hosts

SIEM Query:

source="drupal_access_log" AND (uri="*paragraphs_table*" OR uri="*/node/add/*" OR uri="*/node/*/edit") AND (data="*<script*" OR data="*%3Cscript*" OR data="*javascript:*" OR data="*onerror=*")

The data field assumes the log source captures request bodies (a WAF or reverse-proxy body log). A standard web-server access log records only the request line, referer and user agent, so a payload submitted through an edit form will not appear in it; in that case hunt on the stored side instead, for example by searching paragraph field values in the database for script markup.
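The query above, as a script over raw access-log lines. This is an added example, not part of the advisory or the module, and it assumes the Apache/nginx combined log format; the five log lines at the bottom are constructed. What it adds over the literal query is URL-decoding (twice, to unwrap double encoding) before matching, since `%3Cscript%3E` never matches a literal `<script>` pattern.

```shell
#!/bin/sh
# Added example, not part of the advisory or the module project.
# Scans web-server access-log lines (combined format) for markup that is
# characteristic of an XSS payload, URL-decoding the request line first so
# that %3Cscript%3E is caught as well as <script>. Access logs hold the
# request line, referer and user agent, not POST bodies, so a payload stored
# through a node edit form is only visible here if it travelled in a query
# string or if body logging is enabled. The log lines below are constructed.

# Print each log line whose decoded request line or referer contains one of
# the payload markers, prefixed by the marker that matched and a tab.
flag_xss_markers() {
    awk -F'"' '
    function hexval(c) { return index("0123456789abcdef", tolower(c)) - 1 }
    # Decode %HH escapes and "+"; applied twice below to unwrap double encoding.
    function urldecode(s,    out, c, h) {
        out = ""
        while (length(s) > 0) {
            c = substr(s, 1, 1)
            if (c == "%" && substr(s, 2, 2) ~ /^[0-9a-fA-F][0-9a-fA-F]$/) {
                h = hexval(substr(s, 2, 1)) * 16 + hexval(substr(s, 3, 1))
                out = out sprintf("%c", h)
                s = substr(s, 4)
            } else if (c == "+") {
                out = out " "
                s = substr(s, 2)
            } else {
                out = out c
                s = substr(s, 2)
            }
        }
        return out
    }
    BEGIN {
        # Lowercase substrings that rarely occur in legitimate Drupal requests.
        # The first one found decides the label; extend the list to taste.
        n = split("<script </script javascript: onerror= onload= <svg <iframe", marker, " ")
    }
    {
        # With FS set to the double quote, $2 is the request line and $4 the referer.
        text = tolower(urldecode(urldecode($2 " " $4)))
        for (i = 1; i <= n; i++) {
            if (index(text, marker[i]) > 0) {
                print marker[i] "\t" $0
                break
            }
        }
    }'
}

# count_flagged: number of flagged lines, for a dashboard tile or a quick assert.
count_flagged() {
    flag_xss_markers | wc -l | tr -d ' '
}

# Constructed sample: two ordinary requests, three carrying payload markers
# (plain, URL-encoded, and double-encoded).
SAMPLE_LOG='203.0.113.5 - - [10/Jul/2025:10:00:01 +0000] "GET /node/12 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Jul/2025:10:00:02 +0000] "GET /node/add/article HTTP/1.1" 200 9000 "https://example.test/node/12" "Mozilla/5.0"
198.51.100.7 - - [10/Jul/2025:10:00:03 +0000] "GET /node/12?title=<script>alert(1)</script> HTTP/1.1" 200 5200 "-" "curl/8.0"
198.51.100.7 - - [10/Jul/2025:10:00:04 +0000] "GET /node/12?title=%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E HTTP/1.1" 200 5200 "-" "curl/8.0"
198.51.100.7 - - [10/Jul/2025:10:00:05 +0000] "GET /node/12?q=%253Csvg%2520onload%253Dalert(1)%253E HTTP/1.1" 200 5200 "-" "curl/8.0"'

printf '%s\n' "$SAMPLE_LOG" | flag_xss_markers
```

Run it against a real log with `flag_xss_markers < /var/log/apache2/access.log` (path is an assumption; use the site's own). Expect noise from security scanners and from content that legitimately carries these strings in a query; the value is in correlating hits with the edit-form paths and accounts listed above rather than in the match alone.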
