Lucene search
K

6 matches found

NVD
NVD
added 2025/09/04 10:42 a.m.12 views

CVE-2025-58064

CKEditor 5 is a modern JavaScript rich-text editor with an MVC architecture. ckeditor5 and ckeditor5-clipboard versions 46.0.0 through 46.0.2 and 44.2.0 through 45.2.1 contain a Cross-Site Scripting XSS vulnerability. Ability to exploit could be triggered by a specific user action leading to...

2.3CVSS0.00393EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/09/03 10:42 p.m.9 views

@_sh/strapi-plugin-ckeditor (>=5.0.0 <=6.0.1), @abcxyz123321555/ckeditor5-build-test-version (>=0.7.0 <=0.10.2) +131 more potentially affected by CVE-2025-58064 via @ckeditor/ckeditor5-clipboard (>=44.2.0 <=45.2.1)

@ckeditor/ckeditor5-clipboard NPM version =44.2.0, =5.0.0, =0.7.0, =0.0.2, =44.2.0, =44.2.0, =44.2.0, =44.2.0, =44.2.0, =44.2.0, =44.2.0, =44.2.0, =44.2.0, =44.2.0, =44.2.0, =44.3.0-alpha.7 and more Source cves: CVE-2025-58064 Source advisory: SNYK:JS-CKEDITORCKEDITOR5CLIPBOARD-12485153...

2.3CVSS5.7AI score0.00393EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/09/03 10:42 p.m.5 views

@ckeditor/ckeditor5-adapter-ckfinder (>=46.0.0 <=46.0.2-alpha.1), @ckeditor/ckeditor5-ai (>=46.0.0 <=46.0.2-alpha.1) +89 more potentially affected by CVE-2025-58064 via @ckeditor/ckeditor5-clipboard (>=46.0.0 <=46.0.2)

@ckeditor/ckeditor5-clipboard NPM version =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.2-alpha.1 and more Source cves: CVE-2025-58064 Source advisory: SNYK:JS-CKEDITORCKEDITOR5CLIPBOARD-124851...

2.3CVSS5.8AI score0.00393EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/09/03 6:3 p.m.6 views

@_sh/strapi-plugin-ckeditor (>=5.0.0 <=6.0.1), @abcxyz123321555/ckeditor5-build-test-version (>=0.7.0 <=0.10.2) +131 more potentially affected by CVE-2025-58064 via @ckeditor/ckeditor5-clipboard (>=44.2.0 <=45.2.1)

@ckeditor/ckeditor5-clipboard NPM version =44.2.0, =5.0.0, =0.7.0, =0.0.2, =44.2.0, =44.2.0, =44.2.0, =44.2.0, =44.2.0, =44.2.0, =44.2.0, =44.2.0, =44.2.0, =44.2.0, =44.2.0, =44.3.0-alpha.7 and more Source cves: CVE-2025-58064 Source advisory: OSV:GHSA-X9GP-VJH6-3WV6...

2.3CVSS5.7AI score0.00393EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/09/25 6:13 p.m.9 views

4game-support-ckeditor5-custom-build (>=0.0.1 <=0.0.5), @_mehrad/ckeditor5-build-mmr (>=41.3.1 <=42.0.3) +586 more potentially affected by CVE-2024-45613 via @ckeditor/ckeditor5-clipboard (>=40.0.0 <=43.1.0)

@ckeditor/ckeditor5-clipboard NPM version =40.0.0, =0.0.1, =41.3.1, =2.1.0, =1.0.1, =0.0.1, =0.0.1, =1.0.0, =0.0.0-Beta1, =0.0.17-Beta, =0.0.15-Beta78, =0.0.1, =1.0.0, =0.0.1, =0.0.5 and more Source cves: CVE-2024-45613 Source advisory: OSV:GHSA-RGG8-G5X8-WR9V...

6.1CVSS6.7AI score0.00489EPSS
Exploits0
OSV
OSV
added 2024/09/25 6:13 p.m.3 views

GHSA-RGG8-G5X8-WR9V Cross-site scripting (XSS) in the clipboard package

Impact During a recent internal audit, we identified a Cross-Site Scripting XSS vulnerability in the CKEditor 5 clipboard package. This vulnerability could be triggered by a specific user action, leading to unauthorized JavaScript code execution, if the attacker managed to insert a malicious...

7.2CVSS7AI score0.00489EPSS
Exploits0References4
Rows per page
Query Builder