3 matches found
CKEditor 4.0.1 多个安全漏洞
CKEditor是一款在线文字编辑器 CKEditor存在多个安全漏洞,允许攻击者利用漏洞进行跨站请求伪造,跨站脚本攻击及获取路径信息 0 CKEditor 4.0.1 厂商解决方案 目前没有详细解决方案提供: http://ckeditor.com/ =========================================== Vulnerable Software: ckeditor 4.0.1 standard Download:...
CKEditor 4.0.1 - Multiple Vulnerabilities
=========================================== Vulnerable Software: ckeditor 4.0.1 standard Download: http://download.cksource.com/CKEditor/CKEditor/CKEditor%204.0.1/ckeditor4.0.1standard.zip Vulns: Full Path Disclosure && XSS =========================================== Tested On: Debian squeeze 6.0...
CKEditor - 'posteddata.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/58045/info CKEditor is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context ...