7 matches found
FreeBSD : drupal9 -- multiple vulnerabilities (03bb8373-2026-11ed-9d70-080027240888)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 03bb8373-2026-11ed-9d70-080027240888 advisory. - CKEditor 5 is a JavaScript rich text editor. A cross-site scripting vulnerability has been discovered...
@8trhieu/ckeditor5-build-classic-custom (>=0.0.1 <=0.0.5), @ainhu8596/tee-mee-ckeditor (>=29.1.1 <=29.1.2) +201 more potentially affected by CVE-2022-31175 via @ckeditor/ckeditor5-markdown-gfm (>=0.0.0-internal-20241017.0 <=34.2.0)
@ckeditor/ckeditor5-markdown-gfm NPM version =0.0.0-internal-20241017.0, =0.0.1, =29.1.1, =1.0.0, =1.0.1, =34.1.0, =0.0.0-internal-20241017.0, =0.0.0-internal-20241017.0, =0.0.0-internal-20241017.0, =0.0.0-internal-20241017.0, =0.0.0-internal-20241017.0, =0.0.0-internal-20241017.0,...
@8trhieu/ckeditor5-build-classic-custom (>=0.0.1 <=0.0.5), @abcxyz123321555/ckeditor5-build-test-version (>=0.8.3 <=0.8.8) +139 more potentially affected by CVE-2022-31175 via @ckeditor/ckeditor5-html-support (>=0.0.0-internal-20241017.0 <=34.2.0)
@ckeditor/ckeditor5-html-support NPM version =0.0.0-internal-20241017.0, =0.0.1, =0.8.3, =0.0.6, =1.1.0, =34.1.0, =0.0.0-internal-20241017.0, =0.0.0-internal-20241017.0, =0.0.0-internal-20241017.0, =0.0.0-internal-20241017.0, =0.0.0-internal-20241017.0, =0.0.0-internal-20241017.0,...
CVE-2022-31175
CKEditor 5 is a JavaScript rich text editor. A cross-site scripting vulnerability has been discovered affecting three optional CKEditor 5's packages in versions prior to 35.0.1. The vulnerability allowed to trigger a JavaScript code after fulfilling special conditions. The affected packages are...
CVE-2022-31175 Cross-site scripting caused by the editor instance destroying process in ckeditor5
CKEditor 5 is a JavaScript rich text editor. A cross-site scripting vulnerability has been discovered affecting three optional CKEditor 5's packages in versions prior to 35.0.1. The vulnerability allowed to trigger a JavaScript code after fulfilling special conditions. The affected packages are...
CVE-2022-31175
CKEditor 5 prior to 35.0.1 contains an XSS flaw in three optional packages: @ckeditor/ckeditor5-markdown-gfm, @ckeditor/ckeditor5-html-support, and @ckeditor/ckeditor5-html-embed. The vulnerability arises from a mechanism that updates the source element with markup from the data pipeline after de...
CVE-2022-31175 Cross-site scripting caused by the editor instance destroying process in ckeditor5
CKEditor 5 is a JavaScript rich text editor. A cross-site scripting vulnerability has been discovered affecting three optional CKEditor 5's packages in versions prior to 35.0.1. The vulnerability allowed to trigger a JavaScript code after fulfilling special conditions. The affected packages are...