FreeBSD : typo3 -- multiple vulnerabilities (b1ac663f-3aa9-11ee-b887-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the b1ac663f-3aa9-11ee-b887-b42e991fc52e advisory. - ckeditor-wordcount-plugin is an open source WordCount Plugin for CKEditor. It has been...

GHSA-M8FW-P3CR-6JQC Cross-Site Scripting in CKEditor4 WordCount Plugin

CVSS: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C 4.4 Problem The WordCount plugin npm:ckeditor-wordcount-plugin for CKEditor4 is vulnerable to cross-site scripting when switching to the source code mode. This plugin is enabled via the Full.yaml configuration present, but is not...

Cross-Site Scripting in CKEditor4 WordCount Plugin

CVSS: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C 4.4 Problem The WordCount plugin npm:ckeditor-wordcount-plugin for CKEditor4 is vulnerable to cross-site scripting when switching to the source code mode. This plugin is enabled via the Full.yaml configuration present, but is not...

TYPO3 9.5.0 < 9.5.42 ELTS / 10.0.0 < 10.4.39 ELTS / 11.0.0 < 11.5.30 XSS (TYPO3-CORE-SA-2023-004)

The version of TYPO3 installed on the remote host is prior to 9.5.0 9.5.42 ELTS / 10.0.0 10.4.39 ELTS / 11.0.0 11.5.30. It is, therefore, affected by a vulnerability as referenced in the TYPO3-CORE-SA-2023-004 advisory. - ckeditor-wordcount-plugin is an open source WordCount Plugin for CKEditor. ...

CVE-2023-37905

ckeditor-wordcount-plugin is an open source WordCount Plugin for CKEditor. It has been discovered that the ckeditor-wordcount-plugin plugin for CKEditor4 is susceptible to cross-site scripting when switching to the source code mode. This issue has been addressed in version 1.17.12 of the...

Cross site scripting

ckeditor-wordcount-plugin is an open source WordCount Plugin for CKEditor. It has been discovered that the ckeditor-wordcount-plugin plugin for CKEditor4 is susceptible to cross-site scripting when switching to the source code mode. This issue has been addressed in version 1.17.12 of the...

CVE-2023-37905

The CVE-2023-37905 entry concerns the CKEditor4 WordCount Plugin (ckeditor-wordcount-plugin). The issue is a cross-site scripting vulnerability that occurs when switching to source code mode. According to the provided documents, this vulnerability is addressed in version 1.17.12 of the plugin, an...

CVE-2023-37905 Cross-site Scripting (XSS) in Source Mode of Editor in ckeditor-wordcount-plugin

ckeditor-wordcount-plugin is an open source WordCount Plugin for CKEditor. It has been discovered that the ckeditor-wordcount-plugin plugin for CKEditor4 is susceptible to cross-site scripting when switching to the source code mode. This issue has been addressed in version 1.17.12 of the...

CVE-2023-37905 Cross-site Scripting (XSS) in Source Mode of Editor in ckeditor-wordcount-plugin

ckeditor-wordcount-plugin is an open source WordCount Plugin for CKEditor. It has been discovered that the ckeditor-wordcount-plugin plugin for CKEditor4 is susceptible to cross-site scripting when switching to the source code mode. This issue has been addressed in version 1.17.12 of the...

CKEditor 跨站脚本漏洞

CKEditor is an open source, web-based text editor. A cross-site scripting vulnerability exists in CKEditor-WordCount-Plugin versions prior to 1.17.12, which stems from the vulnerability to cross-site scripting attacks when switching to source code mode...

Cross-site Scripting (XSS)

ckeditor-wordcount-plugin is vulnerable to Cross-site Scripting XSS. The vulnerability exists in the strip function at plugin.js when switching to the source code mode which allows an attacker to inject and execute arbitrary javascript...

GHSA-Q9W4-W667-QQJ4 ckeditor-wordcount-plugin vulnerable to Cross-site Scripting in Source Mode of Editor

Problem It has been discovered that the ckeditor-wordcount-plugin plugin for CKEditor4 is susceptible to cross-site scripting when switching to the source code mode. Solution Update to version 1.17.12 of the ckeditor-wordcount-plugin plugin. Credits @sypets for reporting this finding to the TYPO3...

ckeditor-wordcount-plugin vulnerable to Cross-site Scripting in Source Mode of Editor

Problem It has been discovered that the ckeditor-wordcount-plugin plugin for CKEditor4 is susceptible to cross-site scripting when switching to the source code mode. Solution Update to version 1.17.12 of the ckeditor-wordcount-plugin plugin. Credits @sypets for reporting this finding to the TYPO3...