67 matches found
Description of the security update for SharePoint Server Subscription Edition: May 12, 2026 (KB5002863)
Description of the security update for SharePoint Server Subscription Edition: May 12, 2026 KB5002863 Summary Important: If you're currently running SharePoint Workflow Manager, you must install SharePoint Workflow Manager KB5002799 to your farm before you install this cumulative update. If you'r...
CVE-2026-2348
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Quick Edit allows Cross-Site Scripting XSS.This issue affects Quick Edit: from 0.0.0 before 1.0.5, from 2.0.0 before 2.0.1...
EUVD-2026-15451
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Quick Edit allows Cross-Site Scripting XSS.This issue affects Quick Edit: from 0.0.0 before 1.0.5, from 2.0.0 before 2.0.1...
CVE-2026-2348
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Quick Edit allows Cross-Site Scripting XSS.This issue affects Quick Edit: from 0.0.0 before 1.0.5, from 2.0.0 before 2.0.1...
CVE-2026-2348 Quick Edit - Moderately critical - Cross-site Scripting - SA-CONTRIB-2026-009
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Quick Edit allows Cross-Site Scripting XSS.This issue affects Quick Edit: from 0.0.0 before 1.0.5, from 2.0.0 before 2.0.1...
CVE-2026-2348 Quick Edit - Moderately critical - Cross-site Scripting - SA-CONTRIB-2026-009
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Quick Edit allows Cross-Site Scripting XSS.This issue affects Quick Edit: from 0.0.0 before 1.0.5, from 2.0.0 before 2.0.1...
CVE-2026-2348
CVE-2026-2348 concerns a Cross-site Scripting (XSS) vulnerability in Drupal Quick Edit. The issue arises from improper input neutralization during web page generation, with the Quick Edit module failing to sanitize certain values, enabling XSS. Affected versions are Quick Edit: 0.0.0 before 1.0.5...
Drupal Quick Edit 安全漏洞
Drupal Quick Edit is a content management system module provided by the Drupal company that enables quick editing and immediate modification of page content. Versions of Drupal Quick Edit prior to 1.0.5 and 2.0.1 contained security vulnerabilities, which were due to improper input handling and...
Quick Edit - Moderately critical - Cross-site Scripting - SA-CONTRIB-2026-009
This module allows content to be edited in-place. The module doesn't sufficiently sanitize certain image-related values during the editing process leading to a persistent Cross-site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker must have permission to...
WordPress ACF Quick Edit Fields plugin <= 3.2.2 - Authenticated (Contributor+) Insecure Direct Object Reference vulnerability
Authenticated Contributor+ Insecure Direct Object Reference vulnerability discovered by Chris Grello in WordPress Plugin ACF Quick Edit Fields versions = 3.2.2...
EUVD-2015-6690
Malware in sbrugna...
EUVD-2018-13299
Malware in sbrugna...
EUVD-2023-59666
Malicious code in bioql PyPI...
EUVD-2022-35077
Malicious code in bioql PyPI...
EUVD-2022-0877
Malicious code in bioql PyPI...
CVE-2025-30946
Cross-Site Request Forgery CSRF vulnerability in Michael Cannon Custom Bulk/Quick Edit custom-bulkquick-edit allows Cross Site Request Forgery.This issue affects Custom Bulk/Quick Edit: from n/a through = 1.6.10...
WordPress plugin Custom Bulk/Quick Edit 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists i...
CVE-2022-2843
A vulnerability was found in MotoPress Timetable and Event Schedule. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /wp-admin/admin-ajax.php of the component Quick Edit. The manipulation of the argument posttitle with the input leads to cross si...
CVE-2015-6753
Multiple cross-site scripting XSS vulnerabilities in the Quick Edit module 7.x-1.x before 7.x-1.2 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via an 1 entity title, related to in-place editing, or a 2 node title...
CVE-2023-7286
The plugin ACF Quick Edit Fields for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 3.2.2. This makes it possible for attackers without the editusers capability to access metadata of other users, this includes contributor-level users and above...