Lucene search
+L

11 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:51 a.m.10 views

CVE-2023-28439

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered affecting Iframe Dialog and Media Embed packages. The vulnerability may trigger a JavaScript code after fulfilling special conditions: using one of the affected packages ...

6.1CVSS6.5AI score0.00725EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.15 views

Fedora 39 : ckeditor (2023-426b3a500d)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-426b3a500d advisory. - 4.22.0/4.22.1 - 4.21.0 - GHSA-vh5c-xwqv-cv9g / CVE-2023-28439 - 4.20.2 - 4.20.1 Tenable has extracted the preceding description block directly from the...

6.1CVSS7AI score0.00725EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.109 views

Oracle Business Intelligence Enterprise Edition (OAS 7.0) (October 2023 CPU)

The version of Oracle Business Intelligence Enterprise Edition OAS 7.0.0.0 installed on the remote host is affected by multiple vulnerabilities as referenced in the October 2023 CPU advisory, including the following: - Vulnerability in the Oracle Business Intelligence Enterprise Edition product o...

9.8CVSS7.4AI score0.42646EPSS
Exploits4References6
OpenVAS
OpenVAS
added 2023/10/05 12:0 a.m.20 views

Fedora: Security Advisory for ckeditor (FEDORA-2023-983ff03630)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.6AI score0.00725EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/10/04 12:0 a.m.15 views

Fedora 38 : ckeditor (2023-79b5902a52)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-79b5902a52 advisory. - 4.22.0/4.22.1 - 4.21.0 - GHSA-vh5c-xwqv-cv9g / CVE-2023-28439 - 4.20.2 - 4.20.1 Tenable has extracted the preceding description block directly from the...

6.1CVSS7AI score0.00725EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/10/04 12:0 a.m.18 views

Fedora 37 : ckeditor (2023-983ff03630)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-983ff03630 advisory. - 4.22.0/4.22.1 - 4.21.0 - GHSA-vh5c-xwqv-cv9g / CVE-2023-28439 - 4.20.2 - 4.20.1 Tenable has extracted the preceding description block directly from the...

6.1CVSS7AI score0.00725EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/07/21 12:0 a.m.117 views

Oracle Business Intelligence Enterprise Edition (OAS) (July 2023 CPU)

The version of Oracle Business Intelligence Enterprise Edition OAS 6.4.0.0.0 and 7.0.0.0 installed on the remote host are affected by a vulnerability as referenced in the July 2023 CPU advisory. - Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics...

9.8CVSS7.1AI score0.99615EPSS
Exploits28References28
Huntr
Huntr
added 2023/04/18 2:37 p.m.318 views

CKeditor 4.20.2 in use which is vulnerable to CVE-2023-28439

Description CKeditor 4.20.2 in use which is vulnerable to CVE-2023-28439 Proof of Concept 1 Go to https://demo.limesurvey.org/tmp/assets/a89a2fb4/ckeditor.js and note that version:"4.20.2" 2 Go to https://github.com/LimeSurvey/LimeSurvey/blob/master/assets/packages/ckeditor/ckeditor.js to verify...

6.8AI score0.00725EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2023/03/22 9:15 p.m.51 views

CVE-2023-28439

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered affecting Iframe Dialog and Media Embed packages. The vulnerability may trigger a JavaScript code after fulfilling special conditions: using one of the affected packages ...

6.1CVSS7AI score0.00725EPSS
Exploits0References4
CVE
CVE
added 2023/03/22 8:55 p.m.445 views

CVE-2023-28439

CKEditor4 contains a cross-site scripting vulnerability affecting the Iframe Dialog and Media Embed plugins. The issue arises from improper input handling and specific initialization/destroy conditions that can trigger JavaScript execution on a page with insufficient CSP. A patch is available in ...

6.1CVSS5.7AI score0.00725EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2023/03/22 8:55 p.m.25 views

CVE-2023-28439 ckeditor4 plugins vulnerable to cross-site scripting caused by the editor instance destroying process

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered affecting Iframe Dialog and Media Embed packages. The vulnerability may trigger a JavaScript code after fulfilling special conditions: using one of the affected packages ...

4.7CVSS7.1AI score0.00725EPSS
Exploits0References8
Rows per page
Query Builder