CNNVD-202601-1980 Information

CNNVD ID

CNNVD-202601-1980

Related CVE

CVE-2025-15056

• CNNVD Published: 2026-01-13

Description (Chinese)

Quill是Quill开源的一个应用软件。提供应用编辑器功能。 Quill 2.0.3版本存在注入漏洞，该漏洞源于HTML导出功能缺少数据验证，可能导致跨站脚本攻击。

Description (English)

Quill is a Quill open source application. Provides application editor functionality. Quill version 2.0.3 has an injection loophole, which stems from the lack of data validation for the HTML export function and could lead to a cross-site script attack.

Hazard Level

High

Vulnerability Type

注入

Affected Vendor

Quill

Published

2026-01-13

Last Modified

2026-02-24

References

https://github.com/slab/quill https://fluidattacks.com/advisories/diomedes https://access.redhat.com/security/cve/cve-2025-15056