cvedb.io
CVE-2022-25270
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2022-02-17T00:15:07.710 · Last modified 2026-06-17T04:33:18.743

Summary

The Quick Edit module does not properly check entity access in some circumstances. This could result in users with the "access in-place editing" permission viewing some content they are are not authorized to access. Sites are only affected if the QuickEdit module (which comes with the Standard profile) is installed.

Affected products

drupal — drupal

Does this affect you?

Add your gear to cvedb and we'll alert you only when drupal ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.