Security Bulletin: Due to the use of CKEditor, IBM Engineering Lifecycle Management - Jazz Foundation is affected by a Cross-Site scripting vulnerability

Summary Below vulnerability has been identified in CKEditor, which has been addressed by IBM Engineering Lifecycle Management - Jazz Foundation. Vulnerability Details CVEID:CVE-2023-4771 DESCRIPTION: A Cross-Site scripting vulnerability has been found in CKSource CKEditor affecting versions 4.15....

Linux Distros Unpatched Vulnerability : CVE-2023-4771

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Cross-Site scripting vulnerability has been found in CKSource CKEditor affecting versions 4.15.1 and earlier. An attacker could send malicious javascript code...

CVE-2011-4771

The Scan to PDF Free com.scan.to.pdf.trial application 2.0.4 for Android does not properly protect data, which allows remote attackers to read or modify scanned files and a Google account via a crafted application...

CVE-2005-4771

Trusted Mobility Agent PC Policy in Trust Digital Trusted Mobility Suite provides a cancel button that bypasses the domain-authentication prompt, which allows local users to sync a handheld PDA device despite a policy setting that sync is unauthorized...

CVE-2025-4771

A vulnerability, which was classified as critical, was found in PHPGurukul Online Course Registration 3.1. Affected is an unknown function of the file /admin/course.php. The manipulation of the argument coursecode leads to sql injection. It is possible to launch the attack remotely. The exploit h...

CVE-2025-4771

creationtimestamp| type| source ---|---|--- 2025-05-16 12:34:23+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/16680...

CVE-2025-4771

A vulnerability, which was classified as critical, was found in PHPGurukul Online Course Registration 3.1. Affected is an unknown function of the file /admin/course.php. The manipulation of the argument coursecode leads to sql injection. It is possible to launch the attack remotely. The exploit h...

CVE-2025-4771 PHPGurukul Online Course Registration course.php sql injection

A vulnerability, which was classified as critical, was found in PHPGurukul Online Course Registration 3.1. Affected is an unknown function of the file /admin/course.php. The manipulation of the argument coursecode leads to sql injection. It is possible to launch the attack remotely. The exploit h...

CVE-2025-4771 PHPGurukul Online Course Registration course.php sql injection

A vulnerability, which was classified as critical, was found in PHPGurukul Online Course Registration 3.1. Affected is an unknown function of the file /admin/course.php. The manipulation of the argument coursecode leads to sql injection. It is possible to launch the attack remotely. The exploit h...

Exploit for Cross-site Scripting in Cksource Ckeditor

CKEditor cross-site scripting vulnerability in AJAX sample CVE...

Ubuntu: Security Advisory (USN-6779-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-6779-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6779-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2024-4767, CVE-2024-4768,...

Ubuntu 20.04 LTS : Firefox vulnerabilities (USN-6779-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6779-1 advisory. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially explo...

CVE-2024-4771

A memory allocation check was missing which would lead to a use-after-free if the allocation failed. This could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox 126...

CVE-2024-4771

A memory allocation check was missing which would lead to a use-after-free if the allocation failed. This could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox 126...

RHEL 6 / 7 : rh-mysql56-mysql (RHSA-2015:1630)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:1630 advisory. - mysql: unspecified vulnerability related to Server:GIS CPU July 2015 CVE-2015-2582 - mysql: unspecified vulnerability related to...

CKEditor < 4.24.0-lts Multiple XSS Vulnerabilities - Linux

CKEditor 4 is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CKEditor < 4.24.0-lts Multiple XSS Vulnerabilities - Windows

CKEditor 4 is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2023-4771

A Cross-Site scripting vulnerability has been found in CKSource CKEditor affecting versions 4.15.1 and earlier. An attacker could send malicious javascript code through the /ckeditor/samples/old/ajax.html file and retrieve an authorized user's information...