Fedora 36 : ckeditor (2022-b61dfd219b)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-b61dfd219b advisory. CKEditor 4.20 New Features: 5084: Added the config.tabletoolsscopedHeaders configuration option controlling the behaviour of table headers with and...

Cross-Site Scripting (XSS)

ckeditor4 is vulnerable to cross-site scripting. The vulnerability exists due to a lack of sanitization of HTML in the Advance Content Filter ACF module which allows an attacker to inject maliciously crafted HTML containing Javascript code...

CVE-2021-41164

CKEditor4 is an open source WYSIWYG HTML editor. In affected versions a vulnerability has been discovered in the Advanced Content Filter ACF module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject malformed HTML bypassing content sanitization, which could result ...

CVE-2021-41164

CKEditor4 contains an Advanced Content Filter (ACF) vulnerability (CVE-2021-41164) that allows injection of malformed HTML bypassing sanitization, enabling JavaScript execution. Affected: CKEditor4

CVE-2021-41164

CKEditor4 is an open source WYSIWYG HTML editor. In affected versions a vulnerability has been discovered in the Advanced Content Filter ACF module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject malformed HTML bypassing content sanitization, which could result ...