Lucene search
Veracode Vulnerability DatabaseVERACODE:45396HistoryFeb 08, 2024 - 4:14 a.m.
Cross Site Scripting (XSS)
2024-02-0804:14:20
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
xss
vulnerability
ckeditor4
javascript
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
20.8%
ckeditor4 is vulnerable to Cross Site Scripting (XSS). The vulnerability due to the preview feature which allows an attacker to execute arbitrary JavaScript resulting in XSS.
Related
osv
osv
CKEditor4 Cross-site Scripting vulnerability in samples with enabled the preview feature
2024-02-07 17:31:34
CVE-2024-24816
2024-02-07 17:15:11
github
github
nvd
nvd
CVE-2024-24816
2024-02-07 17:15:11
debiancve
debiancve
CVE-2024-24816
2024-02-07 17:15:11
prion
prion
Cross site scripting
2024-02-07 17:15:00
ubuntucve
ubuntucve
CVE-2024-24816
2024-02-07 00:00:00
cnvd
cnvd
CKEditor cross-site scripting vulnerability (CNVD-2024-09867)
2024-02-22 00:00:00
cve
cve
CVE-2024-24816
2024-02-07 17:15:11
cvelist
cvelist
nessus
nessus
CKEditor 4.x < 4.24.0-lts Multitple XSS
2024-02-09 00:00:00
openvas
openvas
CKEditor < 4.24.0-lts Multiple XSS Vulnerabilities - Windows
2023-11-20 00:00:00
CKEditor < 4.24.0-lts Multiple XSS Vulnerabilities - Linux
2023-11-20 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2024
2024-04-16 00:00:00
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
20.8%
Related for VERACODE:45396