Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ckeditor ckeditor vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-46694
Vtenext 21.02 allows an authenticated malicious user to upload arbitrary files, potentially enabling them to execute remote commands. This flaw exists due to the application's failure to enforce proper authentication controls when accessing the Ckeditor file manager function...
NA
CVE-2024-24816
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability vulnerability has been discovered in versions before 4.24.0-lts in samples that use the `preview` feature. All integrators that use these samples in the production code can ...
Ckeditor Ckeditor
1 Github repository
NA
CVE-2024-24815
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered in the core HTML parsing module in versions of CKEditor4 before 4.24.0-lts. It may affect all editor instances that enabled full-page editing mode or ena...
Ckeditor Ckeditor
NA
CVE-2018-25094
A vulnerability was found in ???????????????? Online Accounting System up to 1.4.0 and classified as problematic. This issue affects some unknown processing of the file ckeditor/filemanager/browser/default/image.php. The manipulation of the argument fid with the input ../../../et...
Kotchasan Online Accounting System
NA
CVE-2023-4771
A Cross-Site scripting vulnerability has been found in CKSource CKEditor affecting versions 4.15.1 and previous versions. An attacker could send malicious javascript code through the /ckeditor/samples/old/ajax.html file and retrieve an authorized user's information.
Cksource Ckeditor
NA
CVE-2023-37905
ckeditor-wordcount-plugin is an open source WordCount Plugin for CKEditor. It has been discovered that the `ckeditor-wordcount-plugin` plugin for CKEditor4 is susceptible to cross-site scripting when switching to the source code mode. This issue has been addressed in version 1.17...
Ckeditor-wordcount-plugin Project Ckeditor-wordcount-plugin
NA
CVE-2023-36477
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with edit rights can edit all pages in the `CKEditor' space. This makes it possible to perform a variety of harmful actions, such as removing technical documents...
Xwiki Xwiki 15.0
Xwiki Xwiki
Xwiki Ckeditor Integration
NA
CVE-2023-31541
A unrestricted file upload vulnerability exists in the ‘Browse and upload images’ feature of the CKEditor v1.2.3 plugin for Redmine, which allows arbitrary files to be uploaded to the server.
Ckeditor Ckeditor 1.2.3
NA
CVE-2023-29209
XWiki Commons are technical libraries common to several other top level XWiki projects. Any user with view rights on commonly accessible documents including the legacy notification activity macro can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full acces...
Xwiki Xwiki
NA
CVE-2023-28439
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered affecting Iframe Dialog and Media Embed packages. The vulnerability may trigger a JavaScript code after fulfilling special conditions: using one of the a...
Ckeditor Ckeditor
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4956
validation
CVE-2024-35221
remote attackers
CVE-2023-30309
CVE-2024-36112
CVE-2024-23109
CVE-2023-43850
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »