Lucene search
+L

8 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:54 a.m.7 views

CVE-2021-41165

CKEditor4 is an open source WYSIWYG HTML editor. In affected version a vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject malformed comments HTML bypassing content sanitization, which could result...

8.2CVSS7.5AI score0.0147EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/12/21 12:0 a.m.40 views

Fedora 36 : ckeditor (2022-b61dfd219b)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-b61dfd219b advisory. CKEditor 4.20 New Features: 5084: Added the config.tabletoolsscopedHeaders configuration option controlling the behaviour of table headers with and...

8.2CVSS7AI score0.02448EPSS
Exploits0References5
OSV
OSV
added 2022/02/27 3:27 a.m.10 views

GSD-2022-1000586 net: ieee802154: ca8210: Stop leaking skb's

net: ieee802154: ca8210: Stop leaking skb's This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.22 by commit...

7.2AI score
Exploits0
OpenVAS
OpenVAS
added 2021/11/18 12:0 a.m.28 views

CKEditor 4.0 < 4.17.0 Multiple Vulnerabilities - Linux

CKEditor is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.2CVSS5.9AI score0.0147EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2021/11/17 9:58 p.m.4 views

ferris-rich-input (=0.0.1) potentially affected by CVE-2021-41165 via ckeditor4 (=4.14.0)

ckeditor4 NPM version =4.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on ckeditor4 and may be impacted: - ferris-rich-input =0.0.1 Source cves: CVE-2021-41165 Source advisory: OSV:GHSA-7H26-63M7-QHF2...

8.2CVSS6.7AI score0.0147EPSS
Exploits0
OSV
OSV
added 2021/11/17 9:28 p.m.3 views

DRUPAL-CORE-2021-011

The Drupal project uses the CKEditor library for WYSIWYG editing. CKEditor has released a security update that impacts Drupal, along with a hotfix for that update. Vulnerabilities are possible if Drupal is configured to allow use of the CKEditor library for WYSIWYG editing. An attacker that can...

6.2AI score
Exploits0References1
CVE
CVE
added 2021/11/17 7:15 p.m.227 views

CVE-2021-41165

CKEditor4 core HTML processing vulnerability (CVE-2021-41165) allows injection of malformed HTML comments bypassing content sanitization, potentially enabling JavaScript execution. Affected: CKEditor 4.x versions before 4.17.0 (affects all plugins). Impact: execution of arbitrary script in affect...

8.2CVSS6.2AI score0.0147EPSS
Exploits0References6Affected Software1
Drupal
Drupal
added 2021/11/17 12:0 a.m.45 views

Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2021-011

The Drupal project uses the CKEditor library for WYSIWYG editing. CKEditor has released a security update that impacts Drupal, along with a hotfix for that update. Vulnerabilities are possible if Drupal is configured to allow use of the CKEditor library for WYSIWYG editing. An attacker that can...

8.2CVSS6.1AI score0.0147EPSS
Exploits0References16
Rows per page
Query Builder