7 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-32809
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 Clipboard package. The...
Ubuntu 16.04 ESM : CKEditor vulnerabilities (USN-5340-2)
The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5340-2 advisory. USN-5340-1 fixed several vulnerabilities in CKEditor. This update provides the fixes for CVE-2018-9861, CVE-2020-9281, CVE-2021-32809, CVE-2021-33829 and...
USN-5340-2: CKEditor vulnerabilities
USN-5340-1 fixed several vulnerabilities in CKEditor. This update provides the fixes for CVE-2018-9861, CVE-2020-9281, CVE-2021-32809, CVE-2021-33829 and CVE-2021-37695 for Ubuntu 16.04 ESM. Original advisory details: Kyaw Min Thein discovered that CKEditor incorrectly handled certain inputs. An...
Drupal 8.9.x < 8.9.18 Third-Party Library Vulnerability
According to its self-reported version, the instance of Drupal running on the remote web server is 8.9.x prior to 8.9.18, 9.1.x prior to 9.1.12, or 9.2.x prior to 9.2.4. It is, therefore, affected by multiple vulnerabilities due to its usage of a third party component, CKEditor, for WYSIWYG...
Drupal 9.2.x < 9.2.4 Third-Party Library Vulnerability
According to its self-reported version, the instance of Drupal running on the remote web server is 8.9.x prior to 8.9.18, 9.1.x prior to 9.1.12, or 9.2.x prior to 9.2.4. It is, therefore, affected by multiple vulnerabilities due to its usage of a third party component, CKEditor, for WYSIWYG...
CVE-2021-32809
creationtimestamp| type| source ---|---|--- 2021-08-12 20:39:02+00:00| seen| https://t.me/cibsecurity/27245...
CVE-2021-32809
CVE-2021-32809 concerns CKEditor 4’s Clipboard functionality. Affected: CKEditor 4, Clipboard plugin, version >= 4.5.2. Root cause: HTML injected via malformed paste content could be executed within the editor’s context. Impact: potential HTML injection into the editor content (code injection ...