30 matches found
EUVD-2021-1200
Malware in sbrugna...
EUVD-2021-1398
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-33829
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cross-site scripting XSS vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1 allows remote attackers to inject executab...
BIT-DRUPAL-2020-9281
A cross-site scripting XSS vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted "protected" comment with the ckeprotected syntax...
BIT-DRUPAL-2021-33829
A cross-site scripting XSS vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1 allows remote attackers to inject executable JavaScript code through a crafted comment because --! is mishandled...
SUSE CVE-2021-33829
A cross-site scripting XSS vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1 allows remote attackers to inject executable JavaScript code through a crafted comment because --! is mishandled...
Ubuntu 16.04 ESM : CKEditor vulnerabilities (USN-5340-2)
The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5340-2 advisory. USN-5340-1 fixed several vulnerabilities in CKEditor. This update provides the fixes for CVE-2018-9861, CVE-2020-9281, CVE-2021-32809, CVE-2021-33829 and...
CVE-2020-9281
A cross-site scripting XSS vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted "protected" comment with the ckeprotected syntax...
Ubuntu 18.04 LTS / 20.04 LTS : CKEditor vulnerabilities (USN-5340-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5340-1 advisory. Kyaw Min Thein discovered that CKEditor incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary...
ckeditor4 vulnerable to cross-site scripting
A cross-site scripting XSS vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1 allows remote attackers to inject executable JavaScript code through a crafted comment because --! is mishandled...
GHSA-RGX6-RJJ4-C388 ckeditor4 vulnerable to cross-site scripting
A cross-site scripting XSS vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1 allows remote attackers to inject executable JavaScript code through a crafted comment because --! is mishandled...
ckeditor4 vulnerable to cross-site scripting
A cross-site scripting XSS vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1 allows remote attackers to inject executable JavaScript code through a crafted comment because --! is mishandled...
CKEditor 4.0 < 4.16.1 XSS Vulnerability - Linux
CKEditor is prone to a cross-site scripting XSS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software...
DEBIAN-CVE-2021-33829
A cross-site scripting XSS vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1 allows remote attackers to inject executable JavaScript code through a crafted comment because --! is mishandled...
Cross site scripting
A cross-site scripting XSS vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1 allows remote attackers to inject executable JavaScript code through a crafted comment because --! is mishandled...
UBUNTU-CVE-2021-33829
A cross-site scripting XSS vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1 allows remote attackers to inject executable JavaScript code through a crafted comment because --! is mishandled...
CVE-2021-33829
CKEditor 4.x contains a cross-site scripting vulnerability in the HTML Data Processor (affected versions: 4.14.0–4.16.x prior to 4.16.1) where a crafted comment can cause execution of injected JavaScript due to mishandling of --!>. The issue enables remote XSS and is fixed in CKEditor 4.16.1 (...
CVE-2021-33829
A cross-site scripting XSS vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1 allows remote attackers to inject executable JavaScript code through a crafted comment because --! is mishandled...
CKEditor 跨站脚本漏洞
CKEditor is an open source, web-based text editor. CKEditor suffers from a cross-site scripting vulnerability that stems from improper handling of input data in the HTML data processor. A remote attacker can inject executable JavaScript code via a crafted comment. The following products and model...
PT-2021-4279
Name of the Vulnerable Software and Affected Versions CKEditor 4 versions 4.14.0 through 4.16.x Description A cross-site scripting XSS vulnerability in the HTML Data Processor allows remote attackers to inject executable JavaScript code through a crafted comment because --! is mishandled. This...