Lucene search
K

12 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-43407

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The...

6.1CVSS7.2AI score0.00424EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 10:30 a.m.7 views

CVE-2024-43407

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a reflected XSS attack by exploiting a flaw in the GeSHi syntax highlighter library hosted by the victim. The GeSH...

6.1CVSS6.3AI score0.00424EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/09/09 12:0 a.m.15 views

CKEditor < 4.25.0-LTS Multiples Cross-Site Scripting

According to its self-reported version number, the CKEditor application running on the remote host is prior to 4.25.0-LTS or 4.22.x prior to 4.25.0-LTS. It is, therefore, affected by multiples Cross-Site-Scripting : - In CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a reflected...

6.1CVSS6.5AI score0.00424EPSS
Exploits0References4
OSV
OSV
added 2024/08/21 6:31 p.m.17 views

GHSA-6V96-M24V-F58J CKEditor4 low-risk cross-site scripting (XSS) vulnerability linked to potential domain takeover

Affected Packages The issue impacts only editor instances with enabled version notifications. Please note that this feature is disabled by default in all CKEditor 4 LTS versions. Therefore, if you use CKEditor 4 LTS, it is highly unlikely that you are affected by this vulnerability. If you are...

4.8CVSS4AI score0.004EPSS
Exploits0References4
OSV
OSV
added 2024/08/21 6:29 p.m.18 views

GHSA-7R32-VFJ5-C2JV Code Snippet GeSHi plugin in CKEditor 4 has reflected cross-site scripting (XSS) vulnerability

Affected packages The vulnerability has been discovered in Code Snippet GeSHi plugin. All integrators that use GeSHi syntax highlighter on the backend side can be affected. Impact A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a...

6.1CVSS6.6AI score0.00424EPSS
Exploits0References5
NVD
NVD
added 2024/08/21 4:15 p.m.27 views

CVE-2024-43411

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A theoretical vulnerability has been identified in CKEditor 4.22 and above. In a highly unlikely scenario where an attacker gains control over the https://cke4.ckeditor.com domain, they could potentially execute an attack on...

3.1CVSS0.004EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/21 3:17 p.m.17 views

CVE-2024-43411 CKEditor4 has a low risk cross-site scripting (XSS) vulnerability from domain takeover

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A theoretical vulnerability has been identified in CKEditor 4.22 and above. In a highly unlikely scenario where an attacker gains control over the https://cke4.ckeditor.com domain, they could potentially execute an attack on...

3.1CVSS6.6AI score0.004EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2024/08/21 3:17 p.m.17 views

CVE-2024-43411

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A theoretical vulnerability has been identified in CKEditor 4.22 and above. In a highly unlikely scenario where an attacker gains control over the https://cke4.ckeditor.com domain, they could potentially execute an attack on...

3.1CVSS7.8AI score0.004EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2024/08/21 3:15 p.m.19 views

CVE-2024-43407

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a reflected XSS attack by exploiting a flaw in the GeSHi syntax highlighter library hosted by the victim. The GeSH...

6.1CVSS7.1AI score0.00424EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/08/21 3:3 p.m.18 views

CVE-2024-43407 Code Snippet GeSHi plugin has reflected cross-site scripting (XSS) vulnerability

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a reflected XSS attack by exploiting a flaw in the GeSHi syntax highlighter library hosted by the victim. The GeSH...

6.1CVSS6.5AI score0.00424EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2024/08/21 3:3 p.m.14 views

CVE-2024-43407

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a reflected XSS attack by exploiting a flaw in the GeSHi syntax highlighter library hosted by the victim. The GeSH...

6.1CVSS7.8AI score0.00424EPSS
Exploits0
Cvelist
Cvelist
added 2024/08/21 3:3 p.m.34 views

CVE-2024-43407 Code Snippet GeSHi plugin has reflected cross-site scripting (XSS) vulnerability

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a reflected XSS attack by exploiting a flaw in the GeSHi syntax highlighter library hosted by the victim. The GeSH...

6.1CVSS0.00424EPSS
Exploits0References3
Rows per page
Query Builder