7 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-24816
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability vulnerability has been discovered in versions prior t...
@amplicode/addon-email-templates (>=0.0.1-snapshot.8 <=0.1.0-snapshot.1.6), @dankolz/news-flash (>=1.0.1 <=1.0.2) +10 more potentially affected by CVE-2024-24816 via ckeditor4 (>=4.14.0 <=4.22.1)
ckeditor4 NPM version =4.14.0, =0.0.1-snapshot.8, =1.0.1, =1.0.0, =1.0.5, =1.0.0, =2.10.93, =2.10.0, =0.0.0, =1.0.36, =1.0.6, =1.0.59 Source cves: CVE-2024-24816 Source advisory: OSV:GHSA-MW2C-VX6J-MG76...
CVE-2024-24816
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability vulnerability has been discovered in versions prior to 4.24.0-lts in samples that use the preview feature. All integrators that use these samples in the production code can be affected. The...
CVE-2024-24816
CVE-2024-24816 affects CKEditor4 prior to 4.24.0-lts, in samples that expose the misconfigured preview feature. An attacker could execute JavaScript via the preview path in production code using affected CKEditor 4 instances. A remedy is to upgrade to CKEditor 4.24.0-lts or later. The provided co...
CVE-2024-24816 Cross-site scripting (XSS) vulnerability in samples with enabled the preview feature
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability vulnerability has been discovered in versions prior to 4.24.0-lts in samples that use the preview feature. All integrators that use these samples in the production code can be affected. The...
CKEditor < 4.24.0-lts Multiple XSS Vulnerabilities - Linux
CKEditor 4 is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CKEditor < 4.24.0-lts Multiple XSS Vulnerabilities - Windows
CKEditor 4 is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...