Lucene search
China National Vulnerability DatabaseCNVD-2024-09867HistoryFeb 22, 2024 - 12:00 a.m.
CKEditor cross-site scripting vulnerability (CNVD-2024-09867)
2024-02-2200:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
open source
web-based text editor
cross-site scripting
vulnerability
exploited
javascript code
misconfigured
preview function
cnvd-2024-09867
CKEditor is an open source, web-based text editor. A cross-site scripting vulnerability exists in CKEditor4, which stems from the presence of a cross-site scripting vulnerability that can be exploited by an attacker to execute JavaScript code by abusing a misconfigured preview function.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ckeditor ckeditor >=4.0, | lt | 4.24.0 |
Related
osv
osv
CKEditor4 Cross-site Scripting vulnerability in samples with enabled the preview feature
2024-02-07 17:31:34
CVE-2024-24816
2024-02-07 17:15:11
veracode
veracode
Cross Site Scripting (XSS)
2024-02-08 04:14:20
github
github
nvd
nvd
CVE-2024-24816
2024-02-07 17:15:11
debiancve
debiancve
CVE-2024-24816
2024-02-07 17:15:11
prion
prion
Cross site scripting
2024-02-07 17:15:00
ubuntucve
ubuntucve
CVE-2024-24816
2024-02-07 00:00:00
cvelist
cvelist
cve
cve
CVE-2024-24816
2024-02-07 17:15:11
nessus
nessus
CKEditor 4.x < 4.24.0-lts Multitple XSS
2024-02-09 00:00:00
openvas
openvas
CKEditor < 4.24.0-lts Multiple XSS Vulnerabilities - Windows
2023-11-20 00:00:00
CKEditor < 4.24.0-lts Multiple XSS Vulnerabilities - Linux
2023-11-20 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2024
2024-04-16 00:00:00