23 matches found
EUVD-2022-1150
Malicious code in bioql PyPI...
EUVD-2022-1066
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2020-13674
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The QuickEdit module does not properly validate access to routes, which could allow cross-site request forgery under some circumstances and lead to possible dat...
Drupal Information Disclosure Vulnerability (SA-CORE-2022-004) - Windows
Drupal is prone to an information disclosure vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
Cross-Site Request Forgery in Drupal core
The QuickEdit module does not properly validate access to routes, which could allow cross-site request forgery under some circumstances and lead to possible data integrity issues. Sites are only affected if the QuickEdit module which comes with the Standard profile is installed. Removing the...
GHSA-J586-CJ67-VG4P Cross-Site Request Forgery in Drupal core
The QuickEdit module does not properly validate access to routes, which could allow cross-site request forgery under some circumstances and lead to possible data integrity issues. Sites are only affected if the QuickEdit module which comes with the Standard profile is installed. Removing the...
CVE-2020-13676
The QuickEdit module does not properly check access to fields in some circumstances, which can lead to unintended disclosure of field data. Sites are only affected if the QuickEdit module which comes with the Standard profile is installed...
CVE-2020-13674
The QuickEdit module does not properly validate access to routes, which could allow cross-site request forgery under some circumstances and lead to possible data integrity issues. Sites are only affected if the QuickEdit module which comes with the Standard profile is installed. Removing the...
CVE-2020-13676
The QuickEdit module does not properly check access to fields in some circumstances, which can lead to unintended disclosure of field data. Sites are only affected if the QuickEdit module which comes with the Standard profile is installed...
CVE-2020-13674
The QuickEdit module does not properly validate access to routes, which could allow cross-site request forgery under some circumstances and lead to possible data integrity issues. Sites are only affected if the QuickEdit module which comes with the Standard profile is installed. Removing the...
Information disclosure
The QuickEdit module does not properly check access to fields in some circumstances, which can lead to unintended disclosure of field data. Sites are only affected if the QuickEdit module which comes with the Standard profile is installed...
CVE-2020-13676
The QuickEdit module does not properly check access to fields in some circumstances, which can lead to unintended disclosure of field data. Sites are only affected if the QuickEdit module which comes with the Standard profile is installed...
UBUNTU-CVE-2020-13674
The QuickEdit module does not properly validate access to routes, which could allow cross-site request forgery under some circumstances and lead to possible data integrity issues. Sites are only affected if the QuickEdit module which comes with the Standard profile is installed. Removing the...
UBUNTU-CVE-2020-13676
The QuickEdit module does not properly check access to fields in some circumstances, which can lead to unintended disclosure of field data. Sites are only affected if the QuickEdit module which comes with the Standard profile is installed...
CVE-2020-13676
The QuickEdit module does not properly check access to fields in some circumstances, which can lead to unintended disclosure of field data. Sites are only affected if the QuickEdit module which comes with the Standard profile is installed...
CVE-2020-13674
CVE-2020-13674 affects the Drupal QuickEdit module (Standard profile). The issue is a cross-site request forgery due to improper validation of access to routes, leading to possible data integrity issues when QuickEdit is installed. Removing the "access in-place editing" permission from untrusted ...
PT-2022-8501 · Quickedit · Quickedit
Name of the Vulnerable Software and Affected Versions: QuickEdit module affected versions not specified Description: The QuickEdit module does not properly validate access to routes, which could allow cross-site request forgery under some circumstances and lead to possible data integrity issues...
PT-2022-8503 · Drupal · Drupal Quickedit Module
Name of the Vulnerable Software and Affected Versions: Drupal QuickEdit module affected versions not specified Description: The QuickEdit module does not properly check access to fields in some circumstances, which can lead to unintended disclosure of field data. Sites are only affected if the...
Drupal 8.9.x < 8.9.19 Multiple Vulnerabilities
According to its self-reported version, the instance of Drupal running on the remote web server is 8.9.x prior to 8.9.19, 9.1.x prior to 9.1.13, or 9.2.x prior to 9.2.6. It is, therefore, affected by multiple vulnerabilities. - Under some circumstances, the Drupal core JSON:API module does not...
Drupal 9.1.x < 9.1.13 Multiple Vulnerabilities
According to its self-reported version, the instance of Drupal running on the remote web server is 8.9.x prior to 8.9.19, 9.1.x prior to 9.1.13, or 9.2.x prior to 9.2.6. It is, therefore, affected by multiple vulnerabilities. - Under some circumstances, the Drupal core JSON:API module does not...