Spring AI Redis Store has TAG Field Query Injection Through Improper Neutralization of Special Characters

In RedisFilterExpressionConverter of spring-ai-redis-store, when a user-controlled string is passed as a filter value for a TAG field, stringValue inserts the value directly into the @field:VALUE RediSearch TAG block without escaping characters. This issue affects Spring AI: from 1.0.0 before...

CVE-2026-2348

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Quick Edit allows Cross-Site Scripting XSS.This issue affects Quick Edit: from 0.0.0 before 1.0.5, from 2.0.0 before 2.0.1...