Lucene search
K

7 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/09/25 7:15 a.m.12 views

Security Bulletin: Due to the use of CKEditor, IBM Engineering Lifecycle Management - Jazz Foundation is affected by a Cross-Site scripting vulnerability

Summary Below vulnerability has been identified in CKEditor, which has been addressed by IBM Engineering Lifecycle Management - Jazz Foundation. Vulnerability Details CVEID:CVE-2023-4771 DESCRIPTION: A Cross-Site scripting vulnerability has been found in CKSource CKEditor affecting versions 4.15....

6.1CVSS6.2AI score0.00878EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2023-4771

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Cross-Site scripting vulnerability has been found in CKSource CKEditor affecting versions 4.15.1 and earlier. An attacker could send malicious javascript code...

6.1CVSS6.3AI score0.00878EPSS
Exploits1References3
GithubExploit
GithubExploit
added 2024/06/10 8:19 a.m.101 views

Exploit for Cross-site Scripting in Cksource Ckeditor

CKEditor cross-site scripting vulnerability in AJAX sample CVE...

6.1CVSS6.2AI score0.00878EPSS
Exploits1
OpenVAS
OpenVAS
added 2023/11/20 12:0 a.m.20 views

CKEditor < 4.24.0-lts Multiple XSS Vulnerabilities - Windows

CKEditor 4 is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.1CVSS6.9AI score0.01652EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2023/11/20 12:0 a.m.14 views

CKEditor < 4.24.0-lts Multiple XSS Vulnerabilities - Linux

CKEditor 4 is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.1CVSS6.9AI score0.01652EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2023/11/16 2:8 p.m.50 views

CVE-2023-4771

A Cross-Site scripting vulnerability has been found in CKSource CKEditor affecting versions 4.15.1 and earlier. An attacker could send malicious javascript code through the /ckeditor/samples/old/ajax.html file and retrieve an authorized user's information...

6.1CVSS6.1AI score0.00878EPSS
Exploits1
CVE
CVE
added 2023/11/16 2:8 p.m.74 views

CVE-2023-4771

CVE-2023-4771 is a CKEditor XSS vulnerability affecting CKEditor 4.x (notably versions 4.15.1 and earlier) where an attacker could inject JavaScript via the /ckeditor/samples/old/ajax.html sample to access an authorized user’s data. The CVSS base score is 6.1 (CVSSv3.1: AV:N/AC:L/PR:N/UI:R/S:C/C:...

6.1CVSS6AI score0.00878EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder