12 matches found
EUVD-2024-2865
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-45613
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CKEditor 5 is a JavaScript rich-text editor. Starting in version 40.0.0 and prior to version 43.1.1, a Cross-Site Scripting XSS vulnerability is present in the...
The vulnerability of the General HTML Support function (GHS) and the HTML embed panel in the Block Toolbar of the CKEditor editor allows attackers to execute XSS attacks.
The vulnerability of the General HTML Support function and the HTML embed panel in the Block Toolbar WYSIWYG-editor CKEditor is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability may allow a malicious actor to carry out XSS attacks remotely...
Cross Site Scripting(XSS)
CKEditor 5 is vulnerable to a Cross-Site Scripting XSS. The vulnerability is due to Insecure Editor Configuration and lack of Input Sanitization in the CKEditor 5 clipboard package, which allows an attacker to insert malicious content into the editor when the General HTML Support or HTML Embed...
GHSA-RGG8-G5X8-WR9V Cross-site scripting (XSS) in the clipboard package
Impact During a recent internal audit, we identified a Cross-Site Scripting XSS vulnerability in the CKEditor 5 clipboard package. This vulnerability could be triggered by a specific user action, leading to unauthorized JavaScript code execution, if the attacker managed to insert a malicious...
CVE-2024-45613
CKEditor 5 is a JavaScript rich-text editor. Starting in version 40.0.0 and prior to version 43.1.1, a Cross-Site Scripting XSS vulnerability is present in the CKEditor 5 clipboard package. This vulnerability could be triggered by a specific user action, leading to unauthorized JavaScript code...
UBUNTU-CVE-2024-45613
CKEditor 5 is a JavaScript rich-text editor. Starting in version 40.0.0 and prior to version 43.1.1, a Cross-Site Scripting XSS vulnerability is present in the CKEditor 5 clipboard package. This vulnerability could be triggered by a specific user action, leading to unauthorized JavaScript code...
CVE-2024-45613 CKEditor 5 has Cross-site Scripting vulnerability in the clipboard package
CKEditor 5 is a JavaScript rich-text editor. Starting in version 40.0.0 and prior to version 43.1.1, a Cross-Site Scripting XSS vulnerability is present in the CKEditor 5 clipboard package. This vulnerability could be triggered by a specific user action, leading to unauthorized JavaScript code...
CVE-2024-45613
CKEditor 5 is a JavaScript rich-text editor. Starting in version 40.0.0 and prior to version 43.1.1, a Cross-Site Scripting XSS vulnerability is present in the CKEditor 5 clipboard package. This vulnerability could be triggered by a specific user action, leading to unauthorized JavaScript code...
CVE-2024-45613 CKEditor 5 has Cross-site Scripting vulnerability in the clipboard package
CKEditor 5 is a JavaScript rich-text editor. Starting in version 40.0.0 and prior to version 43.1.1, a Cross-Site Scripting XSS vulnerability is present in the CKEditor 5 clipboard package. This vulnerability could be triggered by a specific user action, leading to unauthorized JavaScript code...
CVE-2024-45613 CKEditor 5 has Cross-site Scripting vulnerability in the clipboard package
CKEditor 5 is a JavaScript rich-text editor. Starting in version 40.0.0 and prior to version 43.1.1, a Cross-Site Scripting XSS vulnerability is present in the CKEditor 5 clipboard package. This vulnerability could be triggered by a specific user action, leading to unauthorized JavaScript code...
PT-2024-31709 · Unknown · Ckeditor 5
Name of the Vulnerable Software and Affected Versions: CKEditor 5 versions 40.0.0 through 43.1.1 Description: A Cross-Site Scripting XSS issue is present in the CKEditor 5 clipboard package, which could be triggered by a specific user action, leading to unauthorized JavaScript code execution if a...