Veracode Vulnerability Database: VERACODE:48519
Aug 22, 2024 - 1:26 p.m.

Cross Site Scripting (XSS)

2024-08-22 13:26:20
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
ckeditor4
cross site scripting
xss
input validation
output sanitization
confidentiality
integrity
vulnerability

CVSS3: 3.1

Attack Vector: NETWORK
Attack Complexity: HIGH
Privileges Required: HIGH
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: NONE

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:N

AI Score: 6.3
Confidence: High

ckeditor4 is vulnerable to Cross Site Scripting (XSS). The vulnerability is caused by missing input validation and output sanitization when the page is rendered in the browser. This can compromise the confidentiality and integrity of the system.
