Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-24816

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability vulnerability has been discovered in versions prior t...

6.1CVSS6.8AI score0.01652EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2024/02/07 5:31 p.m.5 views

@amplicode/addon-email-templates (>=0.0.1-snapshot.8 <=0.1.0-snapshot.1.6), @dankolz/news-flash (>=1.0.1 <=1.0.2) +10 more potentially affected by CVE-2024-24816 via ckeditor4 (>=4.14.0 <=4.22.1)

ckeditor4 NPM version =4.14.0, =0.0.1-snapshot.8, =1.0.1, =1.0.0, =1.0.5, =1.0.0, =2.10.93, =2.10.0, =0.0.0, =1.0.36, =1.0.6, =1.0.59 Source cves: CVE-2024-24816 Source advisory: OSV:GHSA-MW2C-VX6J-MG76...

6.1CVSS6.8AI score0.01652EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2024/02/07 5:15 p.m.23 views

CVE-2024-24816

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability vulnerability has been discovered in versions prior to 4.24.0-lts in samples that use the preview feature. All integrators that use these samples in the production code can be affected. The...

6.1CVSS6.9AI score0.01652EPSS
Exploits0References3
CVE
CVE
added 2024/02/07 4:58 p.m.289 views

CVE-2024-24816

CVE-2024-24816 affects CKEditor4 prior to 4.24.0-lts, in samples that expose the misconfigured preview feature. An attacker could execute JavaScript via the preview path in production code using affected CKEditor 4 instances. A remedy is to upgrade to CKEditor 4.24.0-lts or later. The provided co...

6.1CVSS5.7AI score0.01652EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/07 4:58 p.m.22 views

CVE-2024-24816 Cross-site scripting (XSS) vulnerability in samples with enabled the preview feature

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability vulnerability has been discovered in versions prior to 4.24.0-lts in samples that use the preview feature. All integrators that use these samples in the production code can be affected. The...

6.1CVSS5.9AI score0.01652EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2023/11/20 12:0 a.m.14 views

CKEditor < 4.24.0-lts Multiple XSS Vulnerabilities - Linux

CKEditor 4 is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.1CVSS6.9AI score0.01652EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2023/11/20 12:0 a.m.19 views

CKEditor < 4.24.0-lts Multiple XSS Vulnerabilities - Windows

CKEditor 4 is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.1CVSS6.9AI score0.01652EPSS
Exploits1References3
Rows per page
Query Builder