[SECURITY] Fedora 31 Update: seamonkey-2.53.5-2.fc31
SeaMonkey is an all-in-one Internet application suite previously made popular by Netscape and Mozilla. It includes an Internet browser, advanced e-mail, newsgroup and feed client, a calendar, IRC client, HTML editor and a tool to inspect the DOM for web pages. It is derived from the application...
[SECURITY] Fedora 32 Update: seamonkey-2.53.5-2.fc32
SeaMonkey is an all-in-one Internet application suite previously made popular by Netscape and Mozilla. It includes an Internet browser, advanced e-mail, newsgroup and feed client, a calendar, IRC client, HTML editor and a tool to inspect the DOM for web pages. It is derived from the application...
The vulnerability of Adobe Dreamweaver’s HTML editor lies in the uncontrolled search path element, which allows attackers to escalate their privileges.
The vulnerability of the Adobe Dreamweaver HTML editor is related to an uncontrolled search path element. Exploiting this vulnerability can allow attackers to enhance their privileges...
[SECURITY] Fedora 33 Update: seamonkey-2.53.4-1.fc33
SeaMonkey is an all-in-one Internet application suite previously made popular by Netscape and Mozilla. It includes an Internet browser, advanced e-mail, newsgroup and feed client, a calendar, IRC client, HTML editor and a tool to inspect the DOM for web pages. It is derived from the application...
Fedora 31 : roundcubemail (2020-b1e023936e)
RELEASE 1.4.8 - Security: Fix potential XSS issue in HTML editor of the identity signature input (#7507) - Managesieve: Fix too-small input field in Elastic when using custom headers (#7498) - Fix support for an error as a string in message_before_send hook (#7475) - Elastic: Fix redundant scrollbar in plai...
Fedora 32 : roundcubemail (2020-d0f8f20cfc)
RELEASE 1.4.8 - Security: Fix potential XSS issue in HTML editor of the identity signature input (#7507) - Managesieve: Fix too-small input field in Elastic when using custom headers (#7498) - Fix support for an error as a string in message_before_send hook (#7475) - Elastic: Fix redundant scrollbar in plai...
MGASA-2020-0339 Updated roundcubemail packages fix security vulnerabilities
Fix potential XSS issue in HTML editor of the identity signature input. Fix cross-site scripting (XSS) via HTML messages with malicious svg content (CVE-2020-16145). Fix cross-site scripting (XSS) via HTML messages with malicious math content...
Updated roundcubemail packages fix security vulnerabilities
Fix potential XSS issue in HTML editor of the identity signature input. Fix cross-site scripting (XSS) via HTML messages with malicious svg content (CVE-2020-16145). Fix cross-site scripting (XSS) via HTML messages with malicious math content...
Froala WYSIWYG HTML Editor 3.1.1 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Product: Froala WYSIWYG HTML Editor Vendor: Froala CSNC ID: CSNC-2020-004 CVE ID: CVE-2019-19935 Subject: DOM XSS in Froala WYSIWYG HTML Editor Severity: Medium Effect: Remotely exploitable Author: Emanuel Duss Date: 2020-07-01 Introduction...
Froala WYSIWYG HTML Editor 3.1.1 Cross Site Scripting
COMPASS SECURITY ADVISORY https://www.compass-security.com/research/advisories/ Product: Froala WYSIWYG HTML Editor Vendor: Froala CSNC ID: CSNC-2020-004 CVE ID: CVE-2019-19935 Subject: DOM XSS in Froala WYSIWYG HTML Editor Severity: Medium Effect: Remotely exploitable Author: Emanuel Duss Date:...
Fedora: Security Advisory for drupal7-ckeditor (FEDORA-2020-71ebbd64dc)
The remote host is missing an update for the...
Fedora: Security Advisory for drupal7-ckeditor (FEDORA-2020-e653bca022)
The remote host is missing an update for the...
[SECURITY] Fedora 31 Update: drupal7-ckeditor-1.19-1.fc31
This module will allow Drupal to replace textarea fields with the CKEditor - a visual HTML editor, usually called a WYSIWYG editor. This HTML text editor brings many of the powerful WYSIWYG editing functions of known desktop editors like Word to the web. It's very fast and doesn't require any...
Cross-Site Scripting (XSS)
moodle/moodle is vulnerable to cross-site scripting (XSS). A remote attacker is able to inject and execute arbitrary JavaScript in a user's browser via the introeditortext parameter or the TinyMCE HTML editor...
Progress Telerik UI for ASP.NET AJAX Code Issue Vulnerability
Progress Telerik UI for ASP.NET AJAX is an HTML editor. A code issue vulnerability exists in Progress Telerik UI for ASP.NET AJAX 2019.3.1023 and prior versions. The vulnerability stems from an improperly designed or implemented code development process for a web-based system or product. No...
PT-2019-13973 · Opencart · Opencart
Name of the Vulnerable Software and Affected Versions: OpenCart versions 3.x Description: The issue allows stored XSS within the Source/HTML editing feature of the Categories, Product, and Information pages when an attacker has login access to the admin panel. Recommendations: For OpenCart versio...
Cross-Site Scripting (XSS)
DotNetNuke.Web is vulnerable to cross-site scripting. The Telerik HTML editor allows remote attackers to inject arbitrary JavaScript into a victim's browser to steal session cookies and perform unwanted actions on behalf of the user...
WordPress BBE theme <= 1.52 - Direct Object Reference vulnerability
Direct Object Reference vulnerability found by Zhihua Yao in WordPress BBE theme versions <= 1.52. The vulnerability allows a direct launch of an HTML editor. Solution: Update the WordPress BBE theme to the latest available version (at least 1.53)...
BBE theme for WordPress HTML editor vulnerability
BBE theme for WordPress is a theme plugin for the WordPress platform. A security vulnerability exists in BBE theme for WordPress versions prior to 1.53. An attacker can exploit the vulnerability to launch the HTML editor directly...
CVE-2018-11244
The BBE theme before 1.53 for WordPress allows a direct launch of an HTML editor...