Lucene search
Veracode Vulnerability DatabaseVERACODE:6353HistoryMay 23, 2018 - 2:25 a.m.
Cross-site Scripting (XSS)
2018-05-2302:25:57
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.001 Low
EPSS
Percentile
45.4%
@ckeditor/ckeditor5-link is vulnerable to cross-site scripting (XSS) attacks. The vulnerability exists due to the lack of escaping for the a href attributes, allowing arbitrary scripts to be executed.
| CPE | Name | Operator | Version |
|---|---|---|---|
| @ckeditor/ckeditor5-link | le | 1.0.0-alpha.2 | |
| @ckeditor/ckeditor5-link | le | 10.0.0 |
Related
cvelist
cvelist
CVE-2018-11093
2018-05-22 18:00:00
nodejs
nodejs
Cross-Site Scripting
2019-09-05 22:28:15
prion
prion
Cross site scripting
2018-05-22 18:29:00
github
github
Cross-Site Scripting in @ckeditor/ckeditor5-link
2018-05-23 20:37:46
cve
cve
CVE-2018-11093
2018-05-22 18:29:00
ubuntucve
ubuntucve
CVE-2018-11093
2018-05-22 00:00:00
osv
osv
CVE-2018-11093
2018-05-22 18:29:00
Cross-Site Scripting in @ckeditor/ckeditor5-link
2018-05-23 20:37:46
nvd
nvd
CVE-2018-11093
2018-05-22 18:29:00