5 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-32808
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ckeditor is an open source WYSIWYG HTML editor with rich content support. A vulnerability has been discovered in the clipboard Widget plugin if used alongside t...
Drupal 9.2.x < 9.2.4 Third-Party Library Vulnerability
According to its self-reported version, the instance of Drupal running on the remote web server is 8.9.x prior to 8.9.18, 9.1.x prior to 9.1.12, or 9.2.x prior to 9.2.4. It is, therefore, affected by multiple vulnerabilities due to its usage of a third party component, CKEditor, for WYSIWYG...
Drupal 8.9.x < 8.9.18 Third-Party Library Vulnerability
According to its self-reported version, the instance of Drupal running on the remote web server is 8.9.x prior to 8.9.18, 9.1.x prior to 9.1.12, or 9.2.x prior to 9.2.4. It is, therefore, affected by multiple vulnerabilities due to its usage of a third party component, CKEditor, for WYSIWYG...
ferris-rich-input (=0.0.1) potentially affected by CVE-2021-32808 via ckeditor4 (=4.14.0)
ckeditor4 NPM version =4.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on ckeditor4 and may be impacted: - ferris-rich-input =0.0.1 Source cves: CVE-2021-32808 Source advisory: OSV:GHSA-6226-H7FF-CH6C...
CVE-2021-32808
CKEditor 4.x clipboard Widget plugin vulnerability (CVE-2021-32808) arises from improper validation of widget HTML when used with the undo feature, allowing a remote attacker to trigger JavaScript execution in the victim’s browser. Affected: CKEditor 4 plugins with version >= 4.13.0. Remediati...