Lucene search
+L

4 matches found

circl
circl
added 2025/02/20 11:1 p.m.8 views

CVE-2025-25299

creationtimestamp| type| source ---|---|--- 2025-02-20 23:01:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3linfhqq2ds2p 2025-02-20 23:12:09+00:00| seen| https://t.me/cvedetector/18602...

2.3CVSS4.8AI score0.00557EPSS
Exploits0References2
vulnersosv
vulnersosv
added 2025/02/20 8:16 p.m.5 views

@authorium/ckeditor5-build-multi-root (>=41.3.1 <=41.4.2), @eagerworks/ckeditor5-build-multi-root (>=41.4.2 <=41.4.2-auth.3) +8 more potentially affected by CVE-2025-25299 via @ckeditor/ckeditor5-real-time-collaboration (>=41.3.1 <=44.2.1-alpha.0)

@ckeditor/ckeditor5-real-time-collaboration NPM version =41.3.1, =41.3.1, =41.4.2, =1.0.1, =4.0.45, =18.0.20, =0.0.8, =41.4.0, =1.0.8, =1.0.10 - htmljs-code =44.0.30 - markdownvue3demo =0.0.1 Source cves: CVE-2025-25299 Source advisory: OSV:GHSA-J3MM-WMFM-MWVH...

2.3CVSS5.8AI score0.00557EPSS
Exploits0
ubuntucve
ubuntucve
added 2025/02/20 8:15 p.m.13 views

CVE-2025-25299

CKEditor 5 is a modern JavaScript rich-text editor with an MVC architecture. During a recent internal audit, a Cross-Site Scripting XSS vulnerability was discovered in the CKEditor 5 real-time collaboration package. This vulnerability affects user markers, which represent users' positions within...

2.3CVSS5.8AI score0.00557EPSS
Exploits0References3
cvelist
cvelist
added 2025/02/20 7:23 p.m.19 views

CVE-2025-25299 Cross-site scripting (XSS) in the real-time collaboration package

CKEditor 5 is a modern JavaScript rich-text editor with an MVC architecture. During a recent internal audit, a Cross-Site Scripting XSS vulnerability was discovered in the CKEditor 5 real-time collaboration package. This vulnerability affects user markers, which represent users' positions within...

2.3CVSS0.00557EPSS
Exploits0References3
Rows per page
Query Builder