Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ckeditor ckeditor vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2018-11093
Cross-site scripting (XSS) vulnerability in the Link package for CKEditor 5 prior to 10.0.1 allows remote malicious users to inject arbitrary web script through a crafted href attribute of a link (A) element.
Ckeditor Ckeditor 5-link
383
VMScore
CVE-2018-9861
Cross-site scripting (XSS) vulnerability in the Enhanced Image (aka image2) plugin for CKEditor (in versions 4.5.10 up to and including 4.9.1; fixed in 4.9.2), as used in Drupal 8 prior to 8.4.7 and 8.5.x prior to 8.5.2 and other products, allows remote malicious users to inject ...
Ckeditor Enhanced Image
Drupal Drupal
383
VMScore
CVE-2014-5191
Cross-site scripting (XSS) vulnerability in the Preview plugin prior to 4.4.3 in CKEditor allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ckeditor Ckeditor 4.4.1
Ckeditor Ckeditor 4.4.0
Ckeditor Ckeditor
383
VMScore
CVE-2014-4037
Cross-site scripting (XSS) vulnerability in editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php in FCKeditor prior to 2.6.11 and previous versions allows remote malicious users to inject arbitrary web script or HTML via an array key in the textinputs[] par...
Ckeditor Fckeditor
383
VMScore
CVE-2012-2066
Cross-site scripting (XSS) vulnerability in the FCKeditor module 6.x-2.x prior to 6.x-2.3 and the CKEditor module 6.x-1.x prior to 6.x-1.9 and 7.x-1.x prior to 7.x-1.7 for Drupal allows remote authenticated users or remote malicious users to inject arbitrary web script or HTML vi...
Ckeditor Fckeditor 6.x-1.1
Ckeditor Fckeditor 6.x-1.2
Ckeditor Fckeditor 6.x-1.2-1
Ckeditor Fckeditor 6.x-1.3
Ckeditor Fckeditor 6.x-1.4
Ckeditor Fckeditor 6.x-1.x
Ckeditor Fckeditor 6.x-2.0
Ckeditor Fckeditor 6.x-2.1
Ckeditor Fckeditor 6.x-2.2
Ckeditor Fckeditor 6.x-2.3
Ckeditor Fckeditor 6.x-2.x
Ckeditor Ckeditor 6.x-1.0
Ckeditor Ckeditor 6.x-1.1
Ckeditor Ckeditor 6.x-1.2
Ckeditor Ckeditor 6.x-1.3
Ckeditor Ckeditor 6.x-1.4
Ckeditor Ckeditor 6.x-1.5
Ckeditor Ckeditor 6.x-1.6
Ckeditor Ckeditor 6.x-1.7
Ckeditor Ckeditor 6.x-1.x
Ckeditor Ckeditor 7.x-1.0
Ckeditor Ckeditor 7.x-1.1
383
VMScore
CVE-2012-2722
The node selection interface in the WYSIWYG editor (CKEditor) in the Node Embed module 6.x-1.x prior to 6.x-1.5 and 7.x-1.x prior to 7.x-1.0 for Drupal does not properly check permissions, which allows remote malicious users to bypass intended access restrictions and read node ti...
Scott Reynen Node Embed 6.x-1.0
Scott Reynen Node Embed 6.x-1.1
Scott Reynen Node Embed 6.x-1.2
Scott Reynen Node Embed 6.x-1.3
Scott Reynen Node Embed 6.x-1.4
Scott Reynen Node Embed 7.x-1.0
Scott Reynen Node Embed 7.x-1.x
356
VMScore
CVE-2021-21254
CKEditor 5 is an open source rich text editor framework with a modular architecture. The CKEditor 5 Markdown plugin (@ckeditor/ckeditor5-markdown-gfm) before version 25.0.0 has a regex denial of service (ReDoS) vulnerability. The vulnerability allowed to abuse link recognition re...
Ckeditor Ckeditor5
312
VMScore
CVE-2022-24728
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0. The vulnerability allows someone to inject malformed HTML bypassing ...
Ckeditor Ckeditor
Drupal Drupal
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Commerce Merchandising 11.3.2
Oracle Financial Services Trade-based Anti Money Laundering 8.0.7
Oracle Financial Services Trade-based Anti Money Laundering 8.0.8
Fedoraproject Fedora 36
Oracle Financial Services Analytical Applications Infrastructure 8.1.2.0
Oracle Financial Services Analytical Applications Infrastructure 8.1.1.0
Oracle Application Express
Oracle Financial Services Analytical Applications Infrastructure 8.1.2.1
Oracle Financial Services Behavior Detection Platform
Oracle Financial Services Analytical Applications Infrastructure
Oracle Financial Services Behavior Detection Platform 8.0.8.0
Oracle Financial Services Behavior Detection Platform 8.0.7.0
Fedoraproject Fedora 37
312
VMScore
CVE-2021-41165
CKEditor4 is an open source WYSIWYG HTML editor. In affected version a vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject malformed comments HTML bypassing content sanitization, w...
Ckeditor Ckeditor
Drupal Drupal
Oracle Webcenter Portal 12.2.1.3.0
Oracle Agile Product Lifecycle Management 9.3.6
Oracle Banking Digital Experience 19.1
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Webcenter Portal 12.2.1.4.0
Oracle Banking Digital Experience 19.2
Oracle Banking Digital Experience 20.1
Oracle Commerce Guided Search 11.3.2
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Banking Digital Experience 21.1
Oracle Banking Apis
Oracle Banking Apis 19.1
Oracle Banking Apis 19.2
Oracle Banking Apis 20.1
Oracle Banking Apis 21.1
Oracle Banking Digital Experience
Oracle Application Express
312
VMScore
CVE-2021-41164
CKEditor4 is an open source WYSIWYG HTML editor. In affected versions a vulnerability has been discovered in the Advanced Content Filter (ACF) module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject malformed HTML bypassing content sanitization, ...
Ckeditor Ckeditor
Drupal Drupal
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 19.2
Oracle Banking Digital Experience 20.1
Oracle Banking Digital Experience 21.1
Oracle Banking Apis
Oracle Banking Apis 19.1
Oracle Banking Apis 19.2
Oracle Banking Apis 20.1
Oracle Banking Apis 21.1
Oracle Banking Digital Experience
Oracle Webcenter Portal 12.2.1.3.0
Oracle Agile Plm 9.3.6
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Webcenter Portal 12.2.1.4.0
Oracle Commerce Guided Search 11.3.2
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Application Express
Fedoraproject Fedora 36
Fedoraproject Fedora 37
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »