13 matches found
EUVD-2021-1613
Malware in sbrugna...
CVE-2025-58064 CKEditor is susceptible to Cross-Site Scripting (XSS) through its clipboard package
CKEditor 5 is a modern JavaScript rich-text editor with an MVC architecture. ckeditor5 and ckeditor5-clipboard versions 46.0.0 through 46.0.2 and 44.2.0 through 45.2.1 contain a Cross-Site Scripting XSS vulnerability. Ability to exploit could be triggered by a specific user action leading to...
Cross-site scripting (XSS) in the clipboard package
Impact During a recent internal audit, we identified a Cross-Site Scripting XSS vulnerability in the CKEditor 5 clipboard package. This vulnerability could be triggered by a specific user action, leading to unauthorized JavaScript code execution, if the attacker managed to insert a malicious...
CVE-2024-45613
CKEditor 5 is a JavaScript rich-text editor. Starting in version 40.0.0 and prior to version 43.1.1, a Cross-Site Scripting XSS vulnerability is present in the CKEditor 5 clipboard package. This vulnerability could be triggered by a specific user action, leading to unauthorized JavaScript code...
CVE-2024-45613 CKEditor 5 has Cross-site Scripting vulnerability in the clipboard package
CKEditor 5 is a JavaScript rich-text editor. Starting in version 40.0.0 and prior to version 43.1.1, a Cross-Site Scripting XSS vulnerability is present in the CKEditor 5 clipboard package. This vulnerability could be triggered by a specific user action, leading to unauthorized JavaScript code...
CVE-2024-45613 CKEditor 5 has Cross-site Scripting vulnerability in the clipboard package
CKEditor 5 is a JavaScript rich-text editor. Starting in version 40.0.0 and prior to version 43.1.1, a Cross-Site Scripting XSS vulnerability is present in the CKEditor 5 clipboard package. This vulnerability could be triggered by a specific user action, leading to unauthorized JavaScript code...
Updated perl-Clipboard package fix security vulnerability
Version 0.29 fixes 'clipbrowse command execution with multi-line clipboard text including "| sh"'...
CVE-2021-32809
ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 Clipboard package. The vulnerability allowed to abuse paste functionality using malformed HTML, which could result in injecting arbitrary HTML into the editor. It...
CVE-2021-32809
ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 Clipboard package. The vulnerability allowed to abuse paste functionality using malformed HTML, which could result in injecting arbitrary HTML into the editor. It...
Design/Logic Flaw
ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 Clipboard package. The vulnerability allowed to abuse paste functionality using malformed HTML, which could result in injecting arbitrary HTML into the editor. It...
CVE-2021-32809 Arbitrary HTML injection vulnerability in ckeditor
ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 Clipboard package. The vulnerability allowed to abuse paste functionality using malformed HTML, which could result in injecting arbitrary HTML into the editor. It...
CVE-2021-32809
ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 Clipboard package. The vulnerability allowed to abuse paste functionality using malformed HTML, which could result in injecting arbitrary HTML into the editor. It...
CKEditor 跨站脚本漏洞
CKEditor is an open source, web-based text editor. A cross-site scripting vulnerability in the CKEditor 4 Clipboard package allows users to abuse the paste function with malformed HTML, which could result in injecting arbitrary HTML into the editor...