13 matches found
FreeBSD : typo3 -- multiple vulnerabilities (b1ac663f-3aa9-11ee-b887-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the b1ac663f-3aa9-11ee-b887-b42e991fc52e advisory. - ckeditor-wordcount-plugin is an open source WordCount Plugin for CKEditor. It has been...
GHSA-M8FW-P3CR-6JQC Cross-Site Scripting in CKEditor4 WordCount Plugin
CVSS: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C 4.4 Problem The WordCount plugin npm:ckeditor-wordcount-plugin for CKEditor4 is vulnerable to cross-site scripting when switching to the source code mode. This plugin is enabled via the Full.yaml configuration present, but is not...
Cross-Site Scripting in CKEditor4 WordCount Plugin
CVSS: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C 4.4 Problem The WordCount plugin npm:ckeditor-wordcount-plugin for CKEditor4 is vulnerable to cross-site scripting when switching to the source code mode. This plugin is enabled via the Full.yaml configuration present, but is not...
TYPO3 9.5.0 < 9.5.42 ELTS / 10.0.0 < 10.4.39 ELTS / 11.0.0 < 11.5.30 XSS (TYPO3-CORE-SA-2023-004)
The version of TYPO3 installed on the remote host is prior to 9.5.0 9.5.42 ELTS / 10.0.0 10.4.39 ELTS / 11.0.0 11.5.30. It is, therefore, affected by a vulnerability as referenced in the TYPO3-CORE-SA-2023-004 advisory. - ckeditor-wordcount-plugin is an open source WordCount Plugin for CKEditor. ...
CVE-2023-37905
ckeditor-wordcount-plugin is an open source WordCount Plugin for CKEditor. It has been discovered that the ckeditor-wordcount-plugin plugin for CKEditor4 is susceptible to cross-site scripting when switching to the source code mode. This issue has been addressed in version 1.17.12 of the...
Cross site scripting
ckeditor-wordcount-plugin is an open source WordCount Plugin for CKEditor. It has been discovered that the ckeditor-wordcount-plugin plugin for CKEditor4 is susceptible to cross-site scripting when switching to the source code mode. This issue has been addressed in version 1.17.12 of the...
CVE-2023-37905 Cross-site Scripting (XSS) in Source Mode of Editor in ckeditor-wordcount-plugin
ckeditor-wordcount-plugin is an open source WordCount Plugin for CKEditor. It has been discovered that the ckeditor-wordcount-plugin plugin for CKEditor4 is susceptible to cross-site scripting when switching to the source code mode. This issue has been addressed in version 1.17.12 of the...
CVE-2023-37905 Cross-site Scripting (XSS) in Source Mode of Editor in ckeditor-wordcount-plugin
ckeditor-wordcount-plugin is an open source WordCount Plugin for CKEditor. It has been discovered that the ckeditor-wordcount-plugin plugin for CKEditor4 is susceptible to cross-site scripting when switching to the source code mode. This issue has been addressed in version 1.17.12 of the...
CVE-2023-37905
The CVE-2023-37905 entry concerns the CKEditor4 WordCount Plugin (ckeditor-wordcount-plugin). The issue is a cross-site scripting vulnerability that occurs when switching to source code mode. According to the provided documents, this vulnerability is addressed in version 1.17.12 of the plugin, an...
CKEditor 跨站脚本漏洞
CKEditor is an open source, web-based text editor. A cross-site scripting vulnerability exists in CKEditor-WordCount-Plugin versions prior to 1.17.12, which stems from the vulnerability to cross-site scripting attacks when switching to source code mode...
Cross-site Scripting (XSS)
ckeditor-wordcount-plugin is vulnerable to Cross-site Scripting XSS. The vulnerability exists in the strip function at plugin.js when switching to the source code mode which allows an attacker to inject and execute arbitrary javascript...
GHSA-Q9W4-W667-QQJ4 ckeditor-wordcount-plugin vulnerable to Cross-site Scripting in Source Mode of Editor
Problem It has been discovered that the ckeditor-wordcount-plugin plugin for CKEditor4 is susceptible to cross-site scripting when switching to the source code mode. Solution Update to version 1.17.12 of the ckeditor-wordcount-plugin plugin. Credits @sypets for reporting this finding to the TYPO3...
ckeditor-wordcount-plugin vulnerable to Cross-site Scripting in Source Mode of Editor
Problem It has been discovered that the ckeditor-wordcount-plugin plugin for CKEditor4 is susceptible to cross-site scripting when switching to the source code mode. Solution Update to version 1.17.12 of the ckeditor-wordcount-plugin plugin. Credits @sypets for reporting this finding to the TYPO3...