Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
friendsofphpOpenJS FoundationFRIENDSOFPHP:DRUPAL:CORE:CVE-2018-9861
HistoryJan 01, 1970 - 12:00 a.m.

Moderately critical - Cross Site Scripting

1970-01-0100:00:00
OpenJS Foundation
github.com
8

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

9.7 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

59.0%

JSON

More info at https://www.drupal.org/sa-core-2018-003

Affected configurations

Vulners
Node
drupaldrupalRange<8.5.2
CPENameOperatorVersion
drupal/corelt8.5.2

Related

osv 4
openvas 12
friendsofphp 1
nvd 1
nessus 7
prion 1
github 1
cvelist 1
ubuntucve 1
cve 1
fedora 8
ubuntu 2
oracle 1
osv
osv
Enhanced Image plugin for CKEditor is vulnerable to Cross-site scripting (XSS)
2022-05-14 00:56:02
CVE-2018-9861
2018-04-19 17:29:00
ckeditor vulnerabilities
2022-03-22 16:43:31
openvas
openvas
Drupal Cross Site Scripting Vulnerability (SA-CORE-2018-003) - Windows
2018-04-19 00:00:00
Drupal Cross Site Scripting Vulnerability (SA-CORE-2018-003) - Linux
2018-04-19 00:00:00
Fedora Update for ckeditor FEDORA-2019-31ad8a36d8
2019-03-07 00:00:00
friendsofphp
friendsofphp
Moderately critical - Cross Site Scripting
1970-01-01 00:00:00
nvd
nvd
CVE-2018-9861
2018-04-19 17:29:00
nessus
nessus
CKEditor 4.5.11 < 4.9.2 Enhanced Image Plugin XSS
2018-04-27 00:00:00
Fedora 28 : ckeditor (2019-31ad8a36d8)
2019-03-07 00:00:00
Fedora 28 : drupal8 (2018-8fd924a53d) (Drupalgeddon 2)
2019-01-03 00:00:00
prion
prion
Cross site scripting
2018-04-19 17:29:00
github
github
Enhanced Image plugin for CKEditor is vulnerable to Cross-site scripting (XSS)
2022-05-14 00:56:02
cvelist
cvelist
CVE-2018-9861
2018-04-19 17:00:00
ubuntucve
ubuntucve
CVE-2018-9861
2018-04-19 00:00:00
cve
cve
CVE-2018-9861
2018-04-19 17:29:00
fedora
fedora
[SECURITY] Fedora 29 Update: ckeditor-4.11.2-1.fc29
2019-03-06 06:59:00
[SECURITY] Fedora 28 Update: ckeditor-4.11.2-1.fc28
2019-03-06 15:29:01
[SECURITY] Fedora 27 Update: drupal8-8.4.8-1.fc27
2018-05-10 19:13:53
ubuntu
ubuntu
CKEditor vulnerabilities
2022-03-23 00:00:00
CKEditor vulnerabilities
2022-03-22 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - July 2019
2019-07-16 00:00:00

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

9.7 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

59.0%

JSON
Related for FRIENDSOFPHP:DRUPAL:CORE:CVE-2018-9861
osv4openvas12friendsofphp1nvd1nessus7prion1github1cvelist1ubuntucve1cve1fedora8ubuntu2oracle1