FreeBSD : typo3 -- multiple vulnerabilities (b1ac663f-3aa9-11ee-b887-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the b1ac663f-3aa9-11ee-b887-b42e991fc52e advisory. - ckeditor-wordcount-plugin is an open source WordCount Plugin for CKEditor. It has been...

TYPO3 9.5.0 < 9.5.42 ELTS / 10.0.0 < 10.4.39 ELTS / 11.0.0 < 11.5.30 XSS (TYPO3-CORE-SA-2023-004)

The version of TYPO3 installed on the remote host is prior to 9.5.0 9.5.42 ELTS / 10.0.0 10.4.39 ELTS / 11.0.0 11.5.30. It is, therefore, affected by a vulnerability as referenced in the TYPO3-CORE-SA-2023-004 advisory. - ckeditor-wordcount-plugin is an open source WordCount Plugin for CKEditor. ...

CVE-2023-37905

The CVE-2023-37905 entry concerns the CKEditor4 WordCount Plugin (ckeditor-wordcount-plugin). The issue is a cross-site scripting vulnerability that occurs when switching to source code mode. According to the provided documents, this vulnerability is addressed in version 1.17.12 of the plugin, an...

CVE-2023-37905 Cross-site Scripting (XSS) in Source Mode of Editor in ckeditor-wordcount-plugin

ckeditor-wordcount-plugin is an open source WordCount Plugin for CKEditor. It has been discovered that the ckeditor-wordcount-plugin plugin for CKEditor4 is susceptible to cross-site scripting when switching to the source code mode. This issue has been addressed in version 1.17.12 of the...

Cross-site Scripting (XSS)

ckeditor-wordcount-plugin is vulnerable to Cross-site Scripting XSS. The vulnerability exists in the strip function at plugin.js when switching to the source code mode which allows an attacker to inject and execute arbitrary javascript...