CKEditor 5 35.4.0 XSS vulnerability via Full Featured CKEditor5 Widget, allows arbitrary script executio
Reporter | Title | Published | Views | Family All 12 |
---|---|---|---|---|
OSV | Cross-site scripting in CKEditor5 | 13 Feb 202321:31 | – | osv |
Cvelist | CVE-2022-48110 | 13 Feb 202300:00 | – | cvelist |
OpenVAS | CKEditor 5 <= 35.4.0 XSS Vulnerability | 14 Feb 202300:00 | – | openvas |
0day.today | CKSource CKEditor5 35.4.0 Cross Site Scripting Vulnerability | 13 Feb 202300:00 | – | zdt |
0day.today | CKEditor 5 35.4.0 - Cross-Site Scripting Vulnerability | 5 Apr 202300:00 | – | zdt |
NVD | CVE-2022-48110 | 13 Feb 202320:15 | – | nvd |
CVE | CVE-2022-48110 | 13 Feb 202320:15 | – | cve |
UbuntuCve | CVE-2022-48110 | 13 Feb 202300:00 | – | ubuntucve |
Github Security Blog | Cross-site scripting in CKEditor5 | 13 Feb 202321:31 | – | github |
Prion | Cross site scripting | 13 Feb 202320:15 | – | prion |
# Exploit Title: CKEditor 5 35.4.0 - Cross-Site Scripting (XSS)
# Google Dork: N/A
# Date: February 09, 2023
# Exploit Author: Manish Pathak
# Vendor Homepage: https://cksource.com/
# Software Link: https://ckeditor.com/ckeditor-5/download/
# Version: 35.4.0
# Tested on: Linux / Web
# CVE : CVE-2022-48110
CKSource CKEditor5 35.4.0 was discovered to contain a cross-site scripting (XSS) vulnerability via Full Featured CKEditor5 Widget as the editor fails to sanitize user provided data.
An attacker can execute arbitrary script in the browser in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
CKEditor5 version 35.4.0 is tested & found to be vulnerable.
Documentation avaiable at https://ckeditor.com/docs/ckeditor5/latest/features/html-embed.html#security
Security Docs Says """The HTML embed feature does not currently execute code in <script> tags. However, it will execute code in the on* and src="javascript:..." attributes."""
Payload:
<div class="raw-html-embed">
<script>alert(456)</script>
</div>
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo