7 matches found
EUVD-2025-19186
Malicious code in bioql PyPI...
CVE-2025-6674 CKEditor5 Youtube - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-081
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal CKEditor5 Youtube allows Cross-Site Scripting XSS.This issue affects CKEditor5 Youtube: from 0.0.0 before 1.0.3...
CVE-2025-6674 CKEditor5 Youtube - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-081
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal CKEditor5 Youtube allows Cross-Site Scripting XSS.This issue affects CKEditor5 Youtube: from 0.0.0 before 1.0.3...
Drupal CKEditor5 Youtube 安全漏洞
Drupal CKEditor5 Youtube is a video integration plugin for the Drupal community. A security vulnerability exists in Drupal CKEditor5 Youtube versions prior to 1.0.3, which stems from improper input neutralization and could lead to cross-site scripting attacks...
PT-2025-26963 · Unknown · Ckeditor5 Youtube
Name of the Vulnerable Software and Affected Versions: CKEditor5 Youtube versions 0.0.0 through 1.0.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows an attacker to perform Cross-Site Scripting X...
Drupal CKEditor5 Youtube module < 1.0.4 - Unauthenticated Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS vulnerability discovered by nico.b in WordPress Module CKEditor5 Youtube versions 1.0.4...
CKEditor5 Youtube - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-081
The CKEditor5 Youtube module enhances content creation in Drupal by seamlessly integrating YouTube video embedding into the CKEditor 5 text editor. The module doesn't sufficiently validate iframe sources under the scenario where a user embeds a video using the CKEditor YouTube integration leading...