4 matches found
CVE-2026-22663
prompts.chat prior to commit 7b81836 contains multiple authorization bypass vulnerabilities due to missing isPrivate checks across API endpoints and page metadata generation that allow unauthorized users to access sensitive data associated with private prompts. Attackers can exploit these missing...
CVE-2026-22663 prompts.chat Authorization Bypass Information Disclosure
prompts.chat prior to commit 7b81836 contains multiple authorization bypass vulnerabilities due to missing isPrivate checks across API endpoints and page metadata generation that allow unauthorized users to access sensitive data associated with private prompts. Attackers can exploit these missing...
PT-2026-30227
prompts.chat prior to commit 7b81836 contains multiple authorization bypass vulnerabilities due to missing isPrivate checks across API endpoints and page metadata generation that allow unauthorized users to access sensitive data associated with private prompts. Attackers can exploit these missing...
SA-2008-008 - Meta tags - Arbitrary code execution
The Meta tags module, also known as Nodewords, adds HTML META tags to node, panel and view pages. If the site is configured to allow images in the body of any node type, any user that can create this node type is able to execute arbitrary code on the server. Versions affected Meta tags for Drupal...