11 matches found
EUVD-2024-2865
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-45613
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CKEditor 5 is a JavaScript rich-text editor. Starting in version 40.0.0 and prior to version 43.1.1, a Cross-Site Scripting XSS vulnerability is present in the...
Cross Site Scripting(XSS)
CKEditor 5 is vulnerable to a Cross-Site Scripting XSS. The vulnerability is due to Insecure Editor Configuration and lack of Input Sanitization in the CKEditor 5 clipboard package, which allows an attacker to insert malicious content into the editor when the General HTML Support or HTML Embed...
GHSA-RGG8-G5X8-WR9V Cross-site scripting (XSS) in the clipboard package
Impact During a recent internal audit, we identified a Cross-Site Scripting XSS vulnerability in the CKEditor 5 clipboard package. This vulnerability could be triggered by a specific user action, leading to unauthorized JavaScript code execution, if the attacker managed to insert a malicious...
CVE-2024-45613
CKEditor 5 is a JavaScript rich-text editor. Starting in version 40.0.0 and prior to version 43.1.1, a Cross-Site Scripting XSS vulnerability is present in the CKEditor 5 clipboard package. This vulnerability could be triggered by a specific user action, leading to unauthorized JavaScript code...
UBUNTU-CVE-2024-45613
CKEditor 5 is a JavaScript rich-text editor. Starting in version 40.0.0 and prior to version 43.1.1, a Cross-Site Scripting XSS vulnerability is present in the CKEditor 5 clipboard package. This vulnerability could be triggered by a specific user action, leading to unauthorized JavaScript code...
CVE-2024-45613
CKEditor 5 is a JavaScript rich-text editor. Starting in version 40.0.0 and prior to version 43.1.1, a Cross-Site Scripting XSS vulnerability is present in the CKEditor 5 clipboard package. This vulnerability could be triggered by a specific user action, leading to unauthorized JavaScript code...
CVE-2024-45613 CKEditor 5 has Cross-site Scripting vulnerability in the clipboard package
CKEditor 5 is a JavaScript rich-text editor. Starting in version 40.0.0 and prior to version 43.1.1, a Cross-Site Scripting XSS vulnerability is present in the CKEditor 5 clipboard package. This vulnerability could be triggered by a specific user action, leading to unauthorized JavaScript code...
CVE-2024-45613 CKEditor 5 has Cross-site Scripting vulnerability in the clipboard package
CKEditor 5 is a JavaScript rich-text editor. Starting in version 40.0.0 and prior to version 43.1.1, a Cross-Site Scripting XSS vulnerability is present in the CKEditor 5 clipboard package. This vulnerability could be triggered by a specific user action, leading to unauthorized JavaScript code...
CVE-2024-45613 CKEditor 5 has Cross-site Scripting vulnerability in the clipboard package
CKEditor 5 is a JavaScript rich-text editor. Starting in version 40.0.0 and prior to version 43.1.1, a Cross-Site Scripting XSS vulnerability is present in the CKEditor 5 clipboard package. This vulnerability could be triggered by a specific user action, leading to unauthorized JavaScript code...
PT-2024-31709 · Unknown · Ckeditor 5
Name of the Vulnerable Software and Affected Versions: CKEditor 5 versions 40.0.0 through 43.1.1 Description: A Cross-Site Scripting XSS issue is present in the CKEditor 5 clipboard package, which could be triggered by a specific user action, leading to unauthorized JavaScript code execution if a...