CVE-2022-25270 is a vulnerability in Drupal
Published on February 17, 2022

The Quick Edit module does not properly check entity access in some circumstances. This could result in users with the "access in-place editing" permission viewing some content they are are not authorized to access. Sites are only affected if the QuickEdit module (which comes with the Standard profile) is installed.

NVD

Products Associated with CVE-2022-25270

Want to know whenever a new CVE is published for Drupal? stack.watch will email you.

Drupal

Affected Versions

Drupal Core:

Version 9.3.x and below 9.3.6 is affected.
Version 9.2.x and below 9.2.13 is affected.

Exploit Probability

EPSS

0.25%

Percentile

48.77%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2022-25270 is a vulnerability in DrupalPublished on February 17, 2022

Products Associated with CVE-2022-25270

Affected Versions

Exploit Probability

CVE-2022-25270 is a vulnerability in Drupal
Published on February 17, 2022