Lucene search
China National Vulnerability DatabaseCNVD-2024-09868HistoryFeb 22, 2024 - 12:00 a.m.
CKEditor cross-site scripting vulnerability (CNVD-2024-09868)
2024-02-2200:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
ckeditor
cross-site scripting
vulnerability
advanced content filtering
bypass
javascript execution
html content
CKEditor is an open source, web-based text editor. A cross-site scripting vulnerability exists in CKEditor, which stems from the presence of a cross-site scripting vulnerability that can be exploited by an attacker to bypass the advanced content filtering mechanism to inject incorrectly formatted HTML content, which may result in the execution of JavaScript code.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ckeditor ckeditor >=4.0, | lt | 4.24.0 |
Related
prion
prion
Cross site scripting
2024-02-07 16:15:00
debiancve
debiancve
CVE-2024-24815
2024-02-07 16:15:47
cvelist
cvelist
osv
osv
CVE-2024-24815
2024-02-07 16:15:47
nvd
nvd
CVE-2024-24815
2024-02-07 16:15:47
veracode
veracode
Cross-site Scripting (XSS)
2024-02-08 05:03:09
ubuntucve
ubuntucve
CVE-2024-24815
2024-02-07 00:00:00
cve
cve
CVE-2024-24815
2024-02-07 16:15:47
drupal
drupal
github
github
nessus
nessus
CKEditor 4.x < 4.24.0-lts Multitple XSS
2024-02-09 00:00:00
openvas
openvas
CKEditor < 4.24.0-lts Multiple XSS Vulnerabilities - Windows
2023-11-20 00:00:00
CKEditor < 4.24.0-lts Multiple XSS Vulnerabilities - Linux
2023-11-20 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2024
2024-04-16 00:00:00