Lucene search
K

397 matches found

Prion
Prion
added 2021/09/21 9:15 p.m.21 views

Cross site scripting

jsuites is an open source collection of common required javascript web components. In affected versions users are subject to cross site scripting XSS attacks via clipboard content. jsuites is vulnerable to DOM based XSS if the user can be tricked into copying anything from a malicious and pasting...

3.5CVSS5.4AI score0.01061EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2021/08/13 12:15 a.m.35 views

Design/Logic Flaw

ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 Fake Objects package. The vulnerability allowed to inject malformed Fake Objects HTML, which could result in executing JavaScript code. It affects all users using...

3.5CVSS5.6AI score0.01324EPSS
Exploits0References8Affected Software12
CVE
CVE
added 2021/08/12 11:10 p.m.336 views

CVE-2021-37695

CKEditor 4 vulnerability CVE-2021-37695 involves the Fake Objects addon. The issue allows injection of malformed Fake Objects HTML that can lead to JavaScript execution in affected CKEditor 4 plugins when used at versions prior to 4.16.2. Public references in connected documents confirm the affec...

7.3CVSS6AI score0.01324EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2021/08/12 11:10 p.m.26 views

CVE-2021-37695

ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 Fake Objects package. The vulnerability allowed to inject malformed Fake Objects HTML, which could result in executing JavaScript code. It affects all users using...

7.3CVSS6.1AI score0.01324EPSS
Exploits0
NVD
NVD
added 2021/08/12 5:15 p.m.20 views

CVE-2021-32808

ckeditor is an open source WYSIWYG HTML editor with rich content support. A vulnerability has been discovered in the clipboard Widget plugin if used alongside the undo feature. The vulnerability allows a user to abuse undo functionality using malformed widget HTML, which could result in executing...

7.6CVSS0.01192EPSS
Exploits0References7
OSV
OSV
added 2021/08/12 5:15 p.m.33 views

CVE-2021-32809

ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 Clipboard package. The vulnerability allowed to abuse paste functionality using malformed HTML, which could result in injecting arbitrary HTML into the editor. It...

5.4CVSS6.4AI score
Exploits0References6
UbuntuCve
UbuntuCve
added 2021/08/12 5:15 p.m.35 views

CVE-2021-32809

ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 Clipboard package. The vulnerability allowed to abuse paste functionality using malformed HTML, which could result in injecting arbitrary HTML into the editor. It...

5.4CVSS6.6AI score0.01188EPSS
Exploits0References4
CVE
CVE
added 2021/08/12 5:10 p.m.390 views

CVE-2021-32809

CVE-2021-32809 concerns CKEditor 4’s Clipboard functionality. Affected: CKEditor 4, Clipboard plugin, version >= 4.5.2. Root cause: HTML injected via malformed paste content could be executed within the editor’s context. Impact: potential HTML injection into the editor content (code injection ...

5.4CVSS5.8AI score0.01188EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2021/08/12 4:25 p.m.31 views

CVE-2021-32808

ckeditor is an open source WYSIWYG HTML editor with rich content support. A vulnerability has been discovered in the clipboard Widget plugin if used alongside the undo feature. The vulnerability allows a user to abuse undo functionality using malformed widget HTML, which could result in executing...

7.6CVSS5.9AI score0.01192EPSS
Exploits0
Fedora
Fedora
added 2021/08/02 1:6 a.m.16 views

[SECURITY] Fedora 33 Update: seamonkey-2.53.8.1-1.fc33

SeaMonkey is an all-in-one Internet application suite previously made popular by Netscape and Mozilla. It includes an Internet browser, advanced e-mail, newsgroup and feed client, a calendar, IRC client, HTML editor and a tool to inspect the DOM for web pages. It is derived from the application...

0.4AI score
Exploits0
Fedora
Fedora
added 2021/07/30 1:2 a.m.35 views

[SECURITY] Fedora 34 Update: seamonkey-2.53.8.1-1.fc34

SeaMonkey is an all-in-one Internet application suite previously made popular by Netscape and Mozilla. It includes an Internet browser, advanced e-mail, newsgroup and feed client, a calendar, IRC client, HTML editor and a tool to inspect the DOM for web pages. It is derived from the application...

0.4AI score
Exploits0
NVD
NVD
added 2021/07/20 9:15 p.m.16 views

CVE-2021-36746

Blackboard Learn through 9.1 allows XSS by an authenticated user via the Assignment Instructions HTML editor...

5.4CVSS0.00565EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2021/07/20 9:15 p.m.2 views

CVE-2021-36746

Blackboard Learn through 9.1 allows XSS by an authenticated user via the Assignment Instructions HTML editor...

5.4CVSS6.1AI score0.00565EPSS
Exploits1References2
Prion
Prion
added 2021/07/20 9:15 p.m.17 views

Design/Logic Flaw

Blackboard Learn through 9.1 allows XSS by an authenticated user via the Assignment Instructions HTML editor...

3.5CVSS5.1AI score0.00565EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/07/20 8:48 p.m.54 views

CVE-2021-36746

Blackboard Learn (through version 9.1) is vulnerable to cross-site scripting (XSS) when an authenticated user uses the Assignment Instructions HTML editor. The issue is documented across multiple sources as an XSS flaw affecting Blackboard Learn 9.1, with the underlying cause described as a secur...

5.4CVSS5.1AI score0.00565EPSS
Exploits1References1Affected Software1
OpenVAS
OpenVAS
added 2021/07/15 12:0 a.m.7 views

Fedora: Security Advisory for seamonkey (FEDORA-2021-01f851ab8d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2021/07/02 1:9 a.m.24 views

[SECURITY] Fedora 34 Update: seamonkey-2.53.8-1.fc34

SeaMonkey is an all-in-one Internet application suite previously made popular by Netscape and Mozilla. It includes an Internet browser, advanced e-mail, newsgroup and feed client, a calendar, IRC client, HTML editor and a tool to inspect the DOM for web pages. It is derived from the application...

0.4AI score
Exploits0
OpenVAS
OpenVAS
added 2021/06/17 12:0 a.m.22 views

Fedora: Security Advisory for seamonkey (FEDORA-2021-1c3f7963a5)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.6AI score0.02216EPSS
Exploits0References2
Fedora
Fedora
added 2021/06/16 1:4 a.m.47 views

[SECURITY] Fedora 34 Update: seamonkey-2.53.7-5.fc34

SeaMonkey is an all-in-one Internet application suite previously made popular by Netscape and Mozilla. It includes an Internet browser, advanced e-mail, newsgroup and feed client, a calendar, IRC client, HTML editor and a tool to inspect the DOM for web pages. It is derived from the application...

9.8CVSS0.4AI score0.02216EPSS
Exploits0
Node.js
Node.js
added 2021/05/10 3:38 p.m.69 views

Cross-Site Scripting

Overview A vulnerability in the HTML editor of Slab Quill allows an attacker to execute arbitrary JavaScript by storing an XSS payload a crafted onloadstart attribute of an IMG element in a text field. No patch exists and no further releases are planned. Recommendation Avoid using quill as there ...

4.3CVSS3.2AI score0.01311EPSS
Exploits1Affected Software1
Rows per page
Query Builder