Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ckeditor ckeditor5 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-21391
CKEditor 5 provides a WYSIWYG editing solution. This CVE affects the following npm packages: ckeditor5-engine, ckeditor5-font, ckeditor5-image, ckeditor5-list, ckeditor5-markdown-gfm, ckeditor5-media-embed, ckeditor5-paste-from-office, and ckeditor5-widget. Following an internal ...
Ckeditor Ckeditor5-widget
Ckeditor Ckeditor5-paste-from-office
Ckeditor Ckeditor5-media-embed
Ckeditor Ckeditor5-markdown-gfm
Ckeditor Ckeditor5-list
Ckeditor Ckeditor5-image
Ckeditor Ckeditor5-font
Ckeditor Ckeditor5-engine
NA
CVE-2022-31175
CKEditor 5 is a JavaScript rich text editor. A cross-site scripting vulnerability has been discovered affecting three optional CKEditor 5's packages in versions before 35.0.1. The vulnerability allowed to trigger a JavaScript code after fulfilling special conditions. The aff...
Ckeditor Ckeditor5-html-support
Ckeditor Ckeditor5-html-embed
Ckeditor Ckeditor5-markdown-gfm
4
CVSSv2
CVE-2021-21254
CKEditor 5 is an open source rich text editor framework with a modular architecture. The CKEditor 5 Markdown plugin (@ckeditor/ckeditor5-markdown-gfm) before version 25.0.0 has a regex denial of service (ReDoS) vulnerability. The vulnerability allowed to abuse link recognition re...
Ckeditor Ckeditor5
NA
CVE-2022-48110
CKSource CKEditor 5 35.4.0 exists to contain a cross-site scripting (XSS) vulnerability via the Full Featured CKEditor5 widget. NOTE: the vendor's position is that this is not a vulnerability. The CKEditor 5 documentation discusses that it is the responsibility of an integra...
Ckeditor Ckeditor 35.4.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started