10 matches found
PT-2026-46840
Name of the Vulnerable Software and Affected Versions OpenStack Ironic versions 32 through 35.0.1 Description An unauthenticated malicious user can cause a service crash by submitting a crafted JSON string to certain endpoints on the API or JSON-RPC service. Recommendations Update OpenStack Ironi...
CVE-2026-42997
An issue was discovered in idrac in OpenStack Ironic before 35.0.1. During import, a user invoking molds can request authorization to be sent to a remote endpoint. The credential forwarded is a time-limited Keystone token which provides access to all OpenStack services Ironic is authorized for; o...
Linux Distros Unpatched Vulnerability : CVE-2022-31175
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CKEditor 5 is a JavaScript rich text editor. A cross-site scripting vulnerability has been discovered affecting three optional CKEditor 5's packages in versions...
CVE-2022-31175
CKEditor 5 is a JavaScript rich text editor. A cross-site scripting vulnerability has been discovered affecting three optional CKEditor 5's packages in versions prior to 35.0.1. The vulnerability allowed to trigger a JavaScript code after fulfilling special conditions. The affected packages are...
GHSA-42WQ-RCH8-6F6J CKEditor5 cross-site scripting vulnerability caused by the editor instance destroying process
Affected packages @ckeditor/ckeditor5-markdown-gfm @ckeditor/ckeditor5-html-support @ckeditor/ckeditor5-html-embed Impact A cross-site scripting vulnerability has been discovered affecting three optional CKEditor 5's packages. The vulnerability allowed to trigger a JavaScript code after fulfillin...
CKEditor5 cross-site scripting vulnerability caused by the editor instance destroying process
Affected packages @ckeditor/ckeditor5-markdown-gfm @ckeditor/ckeditor5-html-support @ckeditor/ckeditor5-html-embed Impact A cross-site scripting vulnerability has been discovered affecting three optional CKEditor 5's packages. The vulnerability allowed to trigger a JavaScript code after fulfillin...
CKEditor 5 < 35.0.1 XSS Vulnerability - Windows
CKEditor 5 is prone to a cross-site scripting XSS vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
CVE-2022-31175
CKEditor 5 is a JavaScript rich text editor. A cross-site scripting vulnerability has been discovered affecting three optional CKEditor 5's packages in versions prior to 35.0.1. The vulnerability allowed to trigger a JavaScript code after fulfilling special conditions. The affected packages are...
CVE-2022-31175 Cross-site scripting caused by the editor instance destroying process in ckeditor5
CKEditor 5 is a JavaScript rich text editor. A cross-site scripting vulnerability has been discovered affecting three optional CKEditor 5's packages in versions prior to 35.0.1. The vulnerability allowed to trigger a JavaScript code after fulfilling special conditions. The affected packages are...
CVE-2022-31175 Cross-site scripting caused by the editor instance destroying process in ckeditor5
CKEditor 5 is a JavaScript rich text editor. A cross-site scripting vulnerability has been discovered affecting three optional CKEditor 5's packages in versions prior to 35.0.1. The vulnerability allowed to trigger a JavaScript code after fulfilling special conditions. The affected packages are...