Lucene search
K

395 matches found

OSV
OSV
added 2024/02/07 4:58 p.m.16 views

CVE-2024-24816 Cross-site scripting (XSS) vulnerability in samples with enabled the preview feature

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability vulnerability has been discovered in versions prior to 4.24.0-lts in samples that use the preview feature. All integrators that use these samples in the production code can be affected. The...

6.1CVSS6.3AI score0.01652EPSS
Exploits0References5
NVD
NVD
added 2024/02/07 4:15 p.m.24 views

CVE-2024-24815

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered in the core HTML parsing module in versions of CKEditor4 prior to 4.24.0-lts. It may affect all editor instances that enabled full-page editing mode or enabled CDATA...

6.1CVSS6.1AI score0.00706EPSS
Exploits0References6
Prion
Prion
added 2024/02/07 4:15 p.m.25 views

Cross site scripting

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered in the core HTML parsing module in versions of CKEditor4 prior to 4.24.0-lts. It may affect all editor instances that enabled full-page editing mode or enabled CDATA...

5.8CVSS6.1AI score0.00706EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2024/02/07 3:14 p.m.247 views

CVE-2024-24815

CVE-2024-24815 (CKEditor4) : A cross-site scripting vulnerability affects CKEditor4 core HTML parsing in versions before 4.24.0-lts. When full-page editing is enabled or CDATA is allowed in Advanced Content Filtering, malformed HTML can bypass the ACF and execute JavaScript. The issue is caused b...

6.1CVSS5.9AI score0.00706EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2024/02/07 3:14 p.m.27 views

CVE-2024-24815 CKEditor4 Cross-site scripting (XSS) vulnerability caused by incorrect CDATA detection

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered in the core HTML parsing module in versions of CKEditor4 prior to 4.24.0-lts. It may affect all editor instances that enabled full-page editing mode or enabled CDATA...

6.1CVSS6.4AI score0.00706EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2024/02/07 3:14 p.m.16 views

CVE-2024-24815

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered in the core HTML parsing module in versions of CKEditor4 prior to 4.24.0-lts. It may affect all editor instances that enabled full-page editing mode or enabled CDATA...

6.1CVSS6.3AI score0.00706EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/12/18 12:0 a.m.10 views

Fedora: Security Advisory for seamonkey (FEDORA-2023-deb5cf6515)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2023/12/17 1:44 a.m.9 views

[SECURITY] Fedora 38 Update: seamonkey-2.53.18-1.fc38

SeaMonkey is an all-in-one Internet application suite previously made popular by Netscape and Mozilla. It includes an Internet browser, advanced e-mail, newsgroup and feed client, a calendar, IRC client, HTML editor and a tool to inspect the DOM for web pages. It is derived from the application...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2023/12/12 12:0 a.m.8 views

Fedora: Security Advisory (FEDORA-2023-76db6c040e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2023/08/09 2:32 a.m.15 views

[SECURITY] Fedora 37 Update: seamonkey-2.53.17-1.fc37

SeaMonkey is an all-in-one Internet application suite previously made popular by Netscape and Mozilla. It includes an Internet browser, advanced e-mail, newsgroup and feed client, a calendar, IRC client, HTML editor and a tool to inspect the DOM for web pages. It is derived from the application...

7AI score
Exploits0
Fedora
Fedora
added 2023/08/05 1:40 a.m.13 views

[SECURITY] Fedora 38 Update: seamonkey-2.53.17-1.fc38

SeaMonkey is an all-in-one Internet application suite previously made popular by Netscape and Mozilla. It includes an Internet browser, advanced e-mail, newsgroup and feed client, a calendar, IRC client, HTML editor and a tool to inspect the DOM for web pages. It is derived from the application...

7AI score
Exploits0
OpenVAS
OpenVAS
added 2023/04/10 12:0 a.m.10 views

Fedora: Security Advisory for seamonkey (FEDORA-2023-a6f685801e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2023/04/09 1:42 a.m.16 views

[SECURITY] Fedora 36 Update: seamonkey-2.53.16-1.fc36

SeaMonkey is an all-in-one Internet application suite previously made popular by Netscape and Mozilla. It includes an Internet browser, advanced e-mail, newsgroup and feed client, a calendar, IRC client, HTML editor and a tool to inspect the DOM for web pages. It is derived from the application...

6.7AI score
Exploits0
OpenVAS
OpenVAS
added 2023/04/05 12:0 a.m.7 views

Fedora: Security Advisory for seamonkey (FEDORA-2023-c85047d868)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
UbuntuCve
UbuntuCve
added 2023/03/22 9:15 p.m.51 views

CVE-2023-28439

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered affecting Iframe Dialog and Media Embed packages. The vulnerability may trigger a JavaScript code after fulfilling special conditions: using one of the affected packages ...

6.1CVSS7AI score0.00725EPSS
Exploits0References4
CVE
CVE
added 2023/03/22 8:55 p.m.443 views

CVE-2023-28439

CKEditor4 contains a cross-site scripting vulnerability affecting the Iframe Dialog and Media Embed plugins. The issue arises from improper input handling and specific initialization/destroy conditions that can trigger JavaScript execution on a page with insufficient CSP. A patch is available in ...

6.1CVSS5.7AI score0.00725EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2023/03/22 8:55 p.m.24 views

CVE-2023-28439 ckeditor4 plugins vulnerable to cross-site scripting caused by the editor instance destroying process

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered affecting Iframe Dialog and Media Embed packages. The vulnerability may trigger a JavaScript code after fulfilling special conditions: using one of the affected packages ...

4.7CVSS7.1AI score0.00725EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 6:12 a.m.4 views

SUSE CVE-2007-1742

suexec in Apache HTTP Server httpd 2.2.3 uses a partial comparison for verifying whether the current directory is within the document root, which might allow local users to perform unauthorized operations on incorrect directories, as demonstrated using "htmlbackup" and "htmleditor" under an "html...

3.7CVSS6.4AI score0.00687EPSS
Exploits0References3
Fedora
Fedora
added 2023/01/31 1:59 a.m.20 views

[SECURITY] Fedora 37 Update: seamonkey-2.53.15-1.fc37

SeaMonkey is an all-in-one Internet application suite previously made popular by Netscape and Mozilla. It includes an Internet browser, advanced e-mail, newsgroup and feed client, a calendar, IRC client, HTML editor and a tool to inspect the DOM for web pages. It is derived from the application...

0.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/12/21 12:0 a.m.40 views

Fedora 36 : ckeditor (2022-b61dfd219b)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-b61dfd219b advisory. CKEditor 4.20 New Features: 5084: Added the config.tabletoolsscopedHeaders configuration option controlling the behaviour of table headers with and...

8.2CVSS7AI score0.02448EPSS
Exploits0References5
Rows per page
Query Builder