Toc.js Project Toc.js — known CVE vulnerabilities
Every CVE whose affected-product data names Toc.js Project Toc.js, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
- CVE-2025-48923 — CVSS 6.1 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Toc.Js allows Cross-Site…