Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2022/12/21 12:0 a.m.40 views

Fedora 36 : ckeditor (2022-b61dfd219b)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-b61dfd219b advisory. CKEditor 4.20 New Features: 5084: Added the config.tabletoolsscopedHeaders configuration option controlling the behaviour of table headers with and...

8.2CVSS7AI score0.02448EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2022/03/18 12:0 a.m.65 views

Drupal 9.3.x < 9.3.8 Third-Party Library Vulnerability

According to its self-reported version, the instance of Drupal running on the remote web server is 9.2.x prior to 9.2.15 or 9.3.x prior to 9.3.8. It is, therefore, affected by multiple vulnerabilities due to its usage of a third party component, CKEditor, for WYSIWYG editing: - A vulnerability ha...

7.5CVSS7AI score0.02448EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2022/03/16 10:47 p.m.4 views

ferris-rich-input (=0.0.1) potentially affected by CVE-2022-24728 +1 more via ckeditor4 (=4.14.0)

ckeditor4 NPM version =4.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on ckeditor4 and may be impacted: - ferris-rich-input =0.0.1 Source cves: CVE-2022-24728, CVE-2022-24729 Source advisory: OSV:GHSA-4FC4-4P5G-6W89...

7.5CVSS6.7AI score0.02448EPSS
Exploits0
Cvelist
Cvelist
added 2022/03/16 12:0 a.m.21 views

CVE-2022-24728 Cross-site Scripting in CKEditor4

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0. The vulnerability allows someone to inject malformed HTML bypassing content...

5.4CVSS6.5AI score0.01162EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2022/03/16 12:0 a.m.7 views

CVE-2022-24728 Cross-site Scripting in CKEditor4

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0. The vulnerability allows someone to inject malformed HTML bypassing content...

5.4CVSS5.3AI score0.01162EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2022/03/16 12:0 a.m.85 views

Drupal 9.2.x < 9.2.15 / 9.3.x < 9.3.8 Multiple Vulnerabilities (drupal-2022-03-16)

According to its self-reported version, the instance of Drupal running on the remote web server is 9.2.x prior to 9.2.15 or 9.3.x prior to 9.3.8. It is, therefore, affected by multiple vulnerabilities. - CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to...

7.5CVSS6.6AI score0.02448EPSS
Exploits0References13
CVE
CVE
added 2022/03/16 12:0 a.m.512 views

CVE-2022-24728

CKEditor4 core HTML processing vulnerability (CVE-2022-24728) allows injecting malformed HTML that bypasses sanitization, potentially enabling JavaScript execution in CKEditor 4 plugins. A fix is available in version 4.18.0; versions prior to 4.18.0 are affected. No public workarounds are provide...

5.4CVSS5.9AI score0.01162EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder