4 matches found
CVE-2012-2067
The CVE-2012-2067 entry covers Drupal CKEditor/FCKeditor modules (CKEditor 6.x-1.x before 6.x-1.9; CKEditor 7.x-1.x before 7.x-1.7; FCKeditor 6.x-2.x before 6.x-2.3) when the core PHP module is enabled. The root cause is an improper handling in the text filter parameter that allows remote authent...
CVE-2012-4000
CVE-2012-4000 is a cross-site scripting vulnerability in the FCKeditor spellchecker PHP path. The issue affects FCKeditor 2.6.7 and earlier, where the print_textinputs_var function processes the textinputs[] parameters in spellchecker.php, allowing a remote attacker to inject arbitrary script/HTM...
CVE-2014-4037
Technical details for CVE-2014-4037 are not publicly available in the provided connected documents. The materials only reference the vulnerability in general terms without product/version specifics or remediation. Monitor for updates from official advisories.
CVE-2012-2066
CVE-2012-2066 is a cross-site scripting (XSS) vulnerability affecting Drupal contributed editor modules: FCKeditor 6.x-2.x before 6.x-2.3, CKEditor 6.x-1.x before 6.x-1.9, and CKEditor 7.x-1.x before 7.x-1.7. The issue allows remote authenticated users or remote attackers to inject arbitrary scri...