7 matches found
Security Bulletin: Due to the use of CKEditor, IBM Engineering Lifecycle Management - Jazz Foundation is affected by a Cross-Site scripting vulnerability
Summary Below vulnerability has been identified in CKEditor, which has been addressed by IBM Engineering Lifecycle Management - Jazz Foundation. Vulnerability Details CVEID:CVE-2023-4771 DESCRIPTION: A Cross-Site scripting vulnerability has been found in CKSource CKEditor affecting versions 4.15....
Linux Distros Unpatched Vulnerability : CVE-2023-4771
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Cross-Site scripting vulnerability has been found in CKSource CKEditor affecting versions 4.15.1 and earlier. An attacker could send malicious javascript code...
Exploit for Cross-site Scripting in Cksource Ckeditor
CKEditor cross-site scripting vulnerability in AJAX sample CVE...
CKEditor < 4.24.0-lts Multiple XSS Vulnerabilities - Windows
CKEditor 4 is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CKEditor < 4.24.0-lts Multiple XSS Vulnerabilities - Linux
CKEditor 4 is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2023-4771
A Cross-Site scripting vulnerability has been found in CKSource CKEditor affecting versions 4.15.1 and earlier. An attacker could send malicious javascript code through the /ckeditor/samples/old/ajax.html file and retrieve an authorized user's information...
CVE-2023-4771
CVE-2023-4771 is a CKEditor XSS vulnerability affecting CKEditor 4.x (notably versions 4.15.1 and earlier) where an attacker could inject JavaScript via the /ckeditor/samples/old/ajax.html sample to access an authorized user’s data. The CVSS base score is 6.1 (CVSSv3.1: AV:N/AC:L/PR:N/UI:R/S:C/C:...