Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ckeditor ckeditor vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-9861
Cross-site scripting (XSS) vulnerability in the Enhanced Image (aka image2) plugin for CKEditor (in versions 4.5.10 up to and including 4.9.1; fixed in 4.9.2), as used in Drupal 8 prior to 8.4.7 and 8.5.x prior to 8.5.2 and other products, allows remote malicious users to inject ...
Ckeditor Enhanced Image
Drupal Drupal
4.3
CVSSv2
CVE-2014-5191
Cross-site scripting (XSS) vulnerability in the Preview plugin prior to 4.4.3 in CKEditor allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ckeditor Ckeditor 4.4.1
Ckeditor Ckeditor
Ckeditor Ckeditor 4.4.0
4.3
CVSSv2
CVE-2014-4037
Cross-site scripting (XSS) vulnerability in editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php in FCKeditor prior to 2.6.11 and previous versions allows remote malicious users to inject arbitrary web script or HTML via an array key in the textinputs[] par...
Ckeditor Fckeditor
4.3
CVSSv2
CVE-2012-2066
Cross-site scripting (XSS) vulnerability in the FCKeditor module 6.x-2.x prior to 6.x-2.3 and the CKEditor module 6.x-1.x prior to 6.x-1.9 and 7.x-1.x prior to 7.x-1.7 for Drupal allows remote authenticated users or remote malicious users to inject arbitrary web script or HTML vi...
Ckeditor Fckeditor 6.x-2.3
Ckeditor Fckeditor 6.x-2.0
Ckeditor Fckeditor 6.x-1.3
Ckeditor Fckeditor 6.x-1.1
Ckeditor Fckeditor 6.x-2.2
Ckeditor Fckeditor 6.x-1.4
Ckeditor Fckeditor 6.x-1.x
Ckeditor Fckeditor 6.x-2.1
Ckeditor Fckeditor 6.x-2.x
Ckeditor Fckeditor 6.x-1.2-1
Ckeditor Fckeditor 6.x-1.2
Ckeditor Ckeditor 6.x-1.5
Ckeditor Ckeditor 6.x-1.4
Ckeditor Ckeditor 7.x-1.6
Ckeditor Ckeditor 7.x-1.5
Ckeditor Ckeditor 7.x-1.0
Ckeditor Ckeditor 6.x-1.3
Ckeditor Ckeditor 6.x-1.2
Ckeditor Ckeditor 7.x-1.4
Ckeditor Ckeditor 7.x-1.3
Ckeditor Ckeditor 6.x-1.1
Ckeditor Ckeditor 6.x-1.0
4.3
CVSSv2
CVE-2012-4000
Cross-site scripting (XSS) vulnerability in the print_textinputs_var function in editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php in FCKeditor 2.6.7 and previous versions allows remote malicious users to inject arbitrary web script or HTML via textinput...
Ckeditor Fckeditor 2.6.3
Ckeditor Fckeditor 2.5
Ckeditor Fckeditor 2.4.3
Ckeditor Fckeditor 2.3
Ckeditor Fckeditor 2.0
Ckeditor Fckeditor 1.2.2
Ckeditor Fckeditor 1.2
Ckeditor Fckeditor 0.9.4
Ckeditor Fckeditor 0.9.3
Ckeditor Fckeditor
Ckeditor Fckeditor 2.6.5
Ckeditor Fckeditor 2.6
Ckeditor Fckeditor 2.4
Ckeditor Fckeditor 2.3.3
Ckeditor Fckeditor 2.1
Ckeditor Fckeditor 1.4
Ckeditor Fckeditor 1.3.1
Ckeditor Fckeditor 1.0
Ckeditor Fckeditor 0.8.5
Ckeditor Fckeditor 0.8
Ckeditor Fckeditor 2.6.4
Ckeditor Fckeditor 2.6.4.1
1 EDB exploit
4.3
CVSSv2
CVE-2012-2722
The node selection interface in the WYSIWYG editor (CKEditor) in the Node Embed module 6.x-1.x prior to 6.x-1.5 and 7.x-1.x prior to 7.x-1.0 for Drupal does not properly check permissions, which allows remote malicious users to bypass intended access restrictions and read node ti...
Scott Reynen Node Embed 6.x-1.1
Scott Reynen Node Embed 6.x-1.2
Scott Reynen Node Embed 6.x-1.0
Scott Reynen Node Embed 7.x-1.0
Scott Reynen Node Embed 7.x-1.x
Scott Reynen Node Embed 6.x-1.3
Scott Reynen Node Embed 6.x-1.4
4
CVSSv2
CVE-2021-21254
CKEditor 5 is an open source rich text editor framework with a modular architecture. The CKEditor 5 Markdown plugin (@ckeditor/ckeditor5-markdown-gfm) before version 25.0.0 has a regex denial of service (ReDoS) vulnerability. The vulnerability allowed to abuse link recognition re...
Ckeditor Ckeditor5
3.5
CVSSv2
CVE-2022-24728
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0. The vulnerability allows someone to inject malformed HTML bypassing ...
Ckeditor Ckeditor
Drupal Drupal
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Commerce Merchandising 11.3.2
Oracle Financial Services Trade-based Anti Money Laundering 8.0.7
Oracle Financial Services Trade-based Anti Money Laundering 8.0.8
Fedoraproject Fedora 36
Oracle Financial Services Analytical Applications Infrastructure 8.1.2.0
Oracle Financial Services Analytical Applications Infrastructure 8.1.1.0
Oracle Application Express
Oracle Financial Services Analytical Applications Infrastructure 8.1.2.1
Oracle Financial Services Behavior Detection Platform
Oracle Financial Services Analytical Applications Infrastructure
Oracle Financial Services Behavior Detection Platform 8.0.8.0
Oracle Financial Services Behavior Detection Platform 8.0.7.0
Fedoraproject Fedora 37
3.5
CVSSv2
CVE-2021-41165
CKEditor4 is an open source WYSIWYG HTML editor. In affected version a vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject malformed comments HTML bypassing content sanitization, w...
Ckeditor Ckeditor
Drupal Drupal
Oracle Webcenter Portal 12.2.1.3.0
Oracle Agile Product Lifecycle Management 9.3.6
Oracle Banking Digital Experience 19.1
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Webcenter Portal 12.2.1.4.0
Oracle Banking Digital Experience 19.2
Oracle Banking Digital Experience 20.1
Oracle Commerce Guided Search 11.3.2
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Banking Digital Experience 21.1
Oracle Banking Apis
Oracle Banking Apis 19.1
Oracle Banking Apis 19.2
Oracle Banking Apis 20.1
Oracle Banking Apis 21.1
Oracle Banking Digital Experience
Oracle Application Express
3.5
CVSSv2
CVE-2021-41164
CKEditor4 is an open source WYSIWYG HTML editor. In affected versions a vulnerability has been discovered in the Advanced Content Filter (ACF) module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject malformed HTML bypassing content sanitization, ...
Ckeditor Ckeditor
Drupal Drupal
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 19.2
Oracle Banking Digital Experience 20.1
Oracle Banking Digital Experience 21.1
Oracle Banking Apis
Oracle Banking Apis 19.1
Oracle Banking Apis 19.2
Oracle Banking Apis 20.1
Oracle Banking Apis 21.1
Oracle Banking Digital Experience
Oracle Webcenter Portal 12.2.1.3.0
Oracle Agile Plm 9.3.6
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Webcenter Portal 12.2.1.4.0
Oracle Commerce Guided Search 11.3.2
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Application Express
Fedoraproject Fedora 36
Fedoraproject Fedora 37
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »