7 matches found
BIT-DRUPAL-2020-9281
A cross-site scripting XSS vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted "protected" comment with the ckeprotected syntax...
CVE-2022-39950
An improper neutralization of input during web page generation vulnerability CWE-79 exists in FortiManager and FortiAnalyzer 6.0.0 all versions, 6.2.0 all versions, 6.4.0 through 6.4.8, and 7.0.0 through 7.0.4. Report templates may allow a low privilege level attacker to perform an XSS attack via...
PT-2022-1389 · Fortinet · Fortianalyzer +1
Name of the Vulnerable Software and Affected Versions: FortiManager versions 6.0.0 through 7.0.4 FortiAnalyzer versions 6.0.0 through 7.0.4 Description: The issue is related to an improper neutralization of input during web page generation, which may allow a low privilege level attacker to perfor...
CKEditor 4.0 vulnerability in the HTML Data Processor
A cross-site scripting XSS vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14.0 allows remote attackers to inject arbitrary web script through a crafted "protected" comment with the ckeprotected syntax...
CVE-2020-9281
A cross-site scripting XSS vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted "protected" comment with the ckeprotected syntax...
UBUNTU-CVE-2020-9281
A cross-site scripting XSS vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted "protected" comment with the ckeprotected syntax...
CVE-2020-9281
A cross-site scripting XSS vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted "protected" comment with the ckeprotected syntax...