4 matches found
GHSA-3H7R-4XXJ-3MFM Liferay Portal Reflected XSS in CKeditor 4.21.0 endpoint
A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.4, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows an remote non-authenticated...
[SECURITY] [DLA 4112-1] php-horde-editor - switch to CKEditor 4
------------------------------------------------------------------------- Debian LTS Advisory DLA-4112-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler April 03, 2025 https://wiki.debian.org/LTS -...
CKEditor 4.x < 4.24.0-lts Multitple XSS
The version of CKEditor included on the remote web host is 4.x prior to 4.24.0-lts. It may, therefore, be affected by multiple cross-site scripting XSS vulnerabilities. - A cross-site scripting vulnerability affecting editor instances that enabled full-page editing mode or enabled CDATA elements ...
ferris-rich-input (=0.0.1) potentially affected by CVE-2021-41164 via ckeditor4 (=4.14.0)
ckeditor4 NPM version =4.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on ckeditor4 and may be impacted: - ferris-rich-input =0.0.1 Source cves: CVE-2021-41164 Source advisory: OSV:GHSA-PVMX-G8H5-CPRJ...