4 matches found
CVE-2018-11093
Cross-site scripting XSS vulnerability in the Link package for CKEditor 5 before 10.0.1 allows remote attackers to inject arbitrary web script through a crafted href attribute of a link A element...
Cross site scripting
Cross-site scripting XSS vulnerability in the Link package for CKEditor 5 before 10.0.1 allows remote attackers to inject arbitrary web script through a crafted href attribute of a link A element...
CVE-2018-11093
Cross-site scripting XSS vulnerability in the Link package for CKEditor 5 before 10.0.1 allows remote attackers to inject arbitrary web script through a crafted href attribute of a link A element...
CVE-2010-2809
The default configuration of the binding in Uzbl before 2010.08.05 does not properly use the @SELECTEDURI feature, which allows user-assisted remote attackers to execute arbitrary commands via a crafted HREF attribute of an A element in an HTML document...