Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CKEditor 5 35.4.0 - Cross-Site Scripting (XSS)

🗓️ 05 Apr 2023 00:00:00Reported by Manish PathakType 
exploitdb
 exploitdb🔗 www.exploit-db.com👁 205 Views

CKEditor 5 35.4.0 XSS vulnerability via Full Featured CKEditor5 Widget, allows arbitrary script executio

Related
Code
ReporterTitlePublishedViews
Family
0day.today		CKSource CKEditor5 35.4.0 Cross Site Scripting Vulnerability
13 Feb 202300:00
zdt
0day.today		CKEditor 5 35.4.0 - Cross-Site Scripting Vulnerability
5 Apr 202300:00
zdt
IBM Security Bulletins		Security Bulletin: Netcool Operations Insight v1.6.8 addresses multiple security vulnerabilities.
11 Apr 202311:47
ibm
BDU FSTEC		The vulnerability of CKEditor’s WYSIWYG editor, related to the lack of protection for website structure, allows attackers to execute XSS attacks.
7 Sep 202300:00
bdu_fstec
Circl		CVE-2022-48110
13 Feb 202322:29
circl
CNNVD		CKEditor 跨站脚本漏洞
9 Feb 202300:00
cnnvd
CVE		CVE-2022-48110
13 Feb 202300:00
cve
Cvelist		CVE-2022-48110
13 Feb 202300:00
cvelist
Github Security Blog		Cross-site scripting in CKEditor5
13 Feb 202321:31
github
NVD		CVE-2022-48110
13 Feb 202320:15
nvd
Rows per page
# Exploit Title: CKEditor 5 35.4.0 - Cross-Site Scripting (XSS)
# Google Dork: N/A
# Date: February 09, 2023
# Exploit Author: Manish Pathak
# Vendor Homepage: https://cksource.com/
# Software Link: https://ckeditor.com/ckeditor-5/download/
# Version: 35.4.0
# Tested on: Linux / Web
# CVE : CVE-2022-48110



CKSource CKEditor5 35.4.0 was discovered to contain a cross-site scripting (XSS) vulnerability via Full Featured CKEditor5 Widget as the editor fails to sanitize user provided data.

An attacker can execute arbitrary script in the browser in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. 

CKEditor5 version 35.4.0 is tested & found to be vulnerable.

Documentation avaiable at https://ckeditor.com/docs/ckeditor5/latest/features/html-embed.html#security

Security Docs Says """The HTML embed feature does not currently execute code in <script> tags. However, it will execute code in the on* and src="javascript:..." attributes."""



Payload:

<div class="raw-html-embed">
    <script>alert(456)</script>
</div>

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
05 Apr 2023 00:00Current
6.6Medium risk
Vulners AI Score6.6
CVSS 3.16.1
EPSS0.02097
SSVC
ckeditor 5xssvulnerabilityarbitrary script executionsecurity docshtml embed
205