Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ckeditor ckeditor vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2020-36490
DedeCMS v7.5 SP2 exists to contain multiple cross-site scripting (XSS) vulnerabilities in the component file_manage_view.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters.
Dedecms Dedecms 7.5
312
VMScore
CVE-2020-36491
DedeCMS v7.5 SP2 exists to contain multiple cross-site scripting (XSS) vulnerabilities in the component tags_main.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters.
Dedecms Dedecms 7.5
312
VMScore
CVE-2020-36492
DedeCMS v7.5 SP2 exists to contain multiple cross-site scripting (XSS) vulnerabilities in the component select_media.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters.
Dedecms Dedecms 7.5
312
VMScore
CVE-2020-36493
DedeCMS v7.5 SP2 exists to contain multiple cross-site scripting (XSS) vulnerabilities in the component media_main.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters.
Dedecms Dedecms 7.5
312
VMScore
CVE-2020-23044
DedeCMS v7.5 SP2 exists to contain multiple cross-site scripting (XSS) vulnerabilities in the component file_pic_view.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters.
Dedecms Dedecms 7.5
312
VMScore
CVE-2021-37695
ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 [Fake Objects](https://ckeditor.com/cke4/addon/fakeobjects) package. The vulnerability allowed to inject malformed Fake Objects HTML, which could ...
Ckeditor Ckeditor
Debian Debian Linux 9.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Financial Services Analytical Applications Infrastructure 8.0.3
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Commerce Guided Search 11.3.2
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Commerce Merchandising 11.3.2
Oracle Jd Edwards Enterpriseone Tools
Oracle Documaker 12.6.3
Oracle Documaker 12.6.4
Oracle Financial Services Model Management And Governance
Oracle Banking Party Management 2.7.0
Oracle Financial Services Analytical Applications Infrastructure
Oracle Application Express
312
VMScore
CVE-2021-32808
ckeditor is an open source WYSIWYG HTML editor with rich content support. A vulnerability has been discovered in the clipboard Widget plugin if used alongside the undo feature. The vulnerability allows a user to abuse undo functionality using malformed widget HTML, which could re...
Ckeditor Ckeditor
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Webcenter Sites 12.2.1.3.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Webcenter Sites 12.2.1.4.0
Oracle Commerce Guided Search 11.3.2
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Commerce Merchandising 11.3.2
Oracle Documaker 12.6.3
Oracle Documaker 12.6.4
Oracle Banking Party Management 2.7.0
Oracle Siebel Ui Framework
Oracle Jd Edwards Enterpriseone Tools
Oracle Financial Services Model Management And Governance 8.1.0.0.0
Oracle Financial Services Model Management And Governance 8.0.8.0.0
Oracle Financial Services Analytical Applications Infrastructure
Oracle Application Express
312
VMScore
CVE-2021-32809
ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 [Clipboard](https://ckeditor.com/cke4/addon/clipboard) package. The vulnerability allowed to abuse paste functionality using malformed HTML, which...
Ckeditor Ckeditor
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Commerce Guided Search 11.3.2
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Commerce Merchandising 11.3.2
Oracle Jd Edwards Enterpriseone Tools
Oracle Documaker 12.6.3
Oracle Documaker 12.6.4
Oracle Banking Party Management 2.7.0
Oracle Financial Services Analytical Applications Infrastructure
Oracle Application Express
NA
CVE-2023-46694
Vtenext 21.02 allows an authenticated malicious user to upload arbitrary files, potentially enabling them to execute remote commands. This flaw exists due to the application's failure to enforce proper authentication controls when accessing the Ckeditor file manager function...
NA
CVE-2024-24816
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability vulnerability has been discovered in versions before 4.24.0-lts in samples that use the `preview` feature. All integrators that use these samples in the production code can ...
Ckeditor Ckeditor
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »