Lucene search
K

15 matches found

Fedora
Fedora
added 2025/12/04 12:53 a.m.6 views

[SECURITY] Fedora 43 Update: sigil-2.6.2-3.fc43

Sigil is a multi-platform WYSIWYG ebook editor. It is designed to edit books in ePub format. Now what does it have to offer... Full Unicode support: everything you see in Sigil is in UTF-16 Full EPUB spec support WYSIWYG editing Multiple Views: Book View, Code View and Split View Metadata editor...

7AI score
Exploits0
CVE
CVE
added 2025/01/14 5:42 p.m.88 views

CVE-2025-23025

CVE-2025-23025 affects XWiki Platform due to the Realtime WYSIWYG Editor extension. A user with only edit rights can join a realtime session where other users have script or programming rights and insert script rendering macros that execute for those users, potentially enabling elevation of privi...

9CVSS9.1AI score0.00396EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2025/01/14 5:42 p.m.28 views

CVE-2025-23025 Privilege escalation (PR) through realtime WYSIWYG editing in XWiki

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. NOTE: The Realtime WYSIWYG Editor extension was experimental, and thus not recommended, in the versions affected by this vulnerability. It has become enabled by default, and thus recommended,...

9CVSS0.00396EPSS
Exploits0References4
Veracode
Veracode
added 2024/06/24 10:18 a.m.10 views

Cross Site Scripting (XSS)

drupal/drupal is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to the issues in the CKEditor library when configured for WYSIWYG editing, allowing attackers to target users with access to CKEditor, including privileged site admins...

6.3AI score
Exploits0
OpenVAS
OpenVAS
added 2022/03/18 12:0 a.m.25 views

Drupal Multiple Vulnerabilities in Third-party Library (SA-CORE-2022-005) - Windows

Drupal is prone to multiple vulnerabilities in a third-party library. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

7.5CVSS6.8AI score0.02448EPSS
Exploits0References3
OSV
OSV
added 2021/11/17 9:28 p.m.3 views

DRUPAL-CORE-2021-011

The Drupal project uses the CKEditor library for WYSIWYG editing. CKEditor has released a security update that impacts Drupal, along with a hotfix for that update. Vulnerabilities are possible if Drupal is configured to allow use of the CKEditor library for WYSIWYG editing. An attacker that can...

6.2AI score
Exploits0References1
Drupal
Drupal
added 2021/11/17 12:0 a.m.44 views

Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2021-011

The Drupal project uses the CKEditor library for WYSIWYG editing. CKEditor has released a security update that impacts Drupal, along with a hotfix for that update. Vulnerabilities are possible if Drupal is configured to allow use of the CKEditor library for WYSIWYG editing. An attacker that can...

8.2CVSS6.1AI score0.0147EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2021/09/06 12:0 a.m.33 views

Drupal 9.1.x < 9.1.12 Third-Party Library Vulnerability

According to its self-reported version, the instance of Drupal running on the remote web server is 8.9.x prior to 8.9.18, 9.1.x prior to 9.1.12, or 9.2.x prior to 9.2.4. It is, therefore, affected by multiple vulnerabilities due to its usage of a third party component, CKEditor, for WYSIWYG...

7.6CVSS7AI score0.01324EPSS
Exploits0References5
Prion
Prion
added 2021/04/29 1:15 a.m.12 views

Denial of service

CKEditor 5 provides a WYSIWYG editing solution. This CVE affects the following npm packages: ckeditor5-engine, ckeditor5-font, ckeditor5-image, ckeditor5-list, ckeditor5-markdown-gfm, ckeditor5-media-embed, ckeditor5-paste-from-office, and ckeditor5-widget. Following an internal audit, a regular...

4.3CVSS6.3AI score0.01667EPSS
Exploits0References9Affected Software8
Debian CVE
Debian CVE
added 2021/04/29 12:20 a.m.19 views

CVE-2021-21391

Removed by vendor...

6.5CVSS6.5AI score0.01667EPSS
Exploits0
Fedora
Fedora
added 2019/03/06 6:59 a.m.31 views

[SECURITY] Fedora 29 Update: ckeditor-4.11.2-1.fc29

CKEditor is a text editor to be used inside web pages. It's a WYSIWYG edito r, which means that the text being edited on it looks as similar as possible to the results users have when publishing it. It brings to the web common edit ing features found on desktop editing applications like Microsoft...

6.1CVSS1.8AI score0.01954EPSS
Exploits1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.24 views

Acuity CMS 2.7.1 - SQL Injection Vulnerability

No description provided by source. 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ /'\ \ /\ \ \ \ /'\ 0 0 \ \ /\ /\ \ \ \ /\ \ \ /\ /\ \ \ \ \ \ \ / 1 1 \ \ \ \\ \ \ /\ \...

7.1AI score
Exploits0
0day.today
0day.today
added 2012/12/12 12:0 a.m.23 views

gpEasy CMS - XSS Vulnerability

gpEasy CMS, http://www.gpeasy.com/ Easy to use True WYSIWYG Editing. Flat-file data storage and advanced resource management for fast websites. 1=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /'...

7.1AI score
Exploits0
myhack58
myhack58
added 2010/09/18 12:0 a.m.46 views

Kindeditor traverse the directory 0DAY-vulnerability warning-the black bar safety net

Author: sub - ↘meter Version: 3.4.2 Description: KindEditor is an open source HTML visual editor, mainly used to allow users on the site to get WYSIWYG editing effects, compatible with IE, Firefox, Chrome, Safari, Opera and other mainstream browser. KindEditor using JavaScript, you can seamlessly...

6.9AI score
Exploits0
Exploit DB
Exploit DB
added 1999/04/22 12:0 a.m.26 views

Microsoft Internet Explorer 4/5 - DHTML Edit ActiveX Control File Stealing / Cross Frame Access

source: https://www.securityfocus.com/bid/116/info Vulnerabilities in an ActiveX control distributed with Internet Explorer 5 and available for Internet Explorer 4 allow malicous web sites to steal local files and to bypass cross-frame security rules. The DHTML Edit Control Safe for Scripting...

7AI score
Exploits0
Rows per page
Query Builder