Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ckeditor ckeditor vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2014-5191
Cross-site scripting (XSS) vulnerability in the Preview plugin prior to 4.4.3 in CKEditor allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ckeditor Ckeditor 4.4.1
Ckeditor Ckeditor
Ckeditor Ckeditor 4.4.0
4.3
CVSSv2
CVE-2012-4000
Cross-site scripting (XSS) vulnerability in the print_textinputs_var function in editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php in FCKeditor 2.6.7 and previous versions allows remote malicious users to inject arbitrary web script or HTML via textinput...
Ckeditor Fckeditor 2.6.3
Ckeditor Fckeditor 2.5
Ckeditor Fckeditor 2.4.3
Ckeditor Fckeditor 2.3
Ckeditor Fckeditor 2.0
Ckeditor Fckeditor 1.2.2
Ckeditor Fckeditor 1.2
Ckeditor Fckeditor 0.9.4
Ckeditor Fckeditor 0.9.3
Ckeditor Fckeditor
Ckeditor Fckeditor 2.6.5
Ckeditor Fckeditor 2.6
Ckeditor Fckeditor 2.4
Ckeditor Fckeditor 2.3.3
Ckeditor Fckeditor 2.1
Ckeditor Fckeditor 1.4
Ckeditor Fckeditor 1.3.1
Ckeditor Fckeditor 1.0
Ckeditor Fckeditor 0.8.5
Ckeditor Fckeditor 0.8
Ckeditor Fckeditor 2.6.4
Ckeditor Fckeditor 2.6.4.1
1 EDB exploit
4.3
CVSSv2
CVE-2012-2066
Cross-site scripting (XSS) vulnerability in the FCKeditor module 6.x-2.x prior to 6.x-2.3 and the CKEditor module 6.x-1.x prior to 6.x-1.9 and 7.x-1.x prior to 7.x-1.7 for Drupal allows remote authenticated users or remote malicious users to inject arbitrary web script or HTML vi...
Ckeditor Fckeditor 6.x-2.3
Ckeditor Fckeditor 6.x-2.0
Ckeditor Fckeditor 6.x-1.3
Ckeditor Fckeditor 6.x-1.1
Ckeditor Fckeditor 6.x-2.2
Ckeditor Fckeditor 6.x-1.4
Ckeditor Fckeditor 6.x-1.x
Ckeditor Fckeditor 6.x-2.1
Ckeditor Fckeditor 6.x-2.x
Ckeditor Fckeditor 6.x-1.2-1
Ckeditor Fckeditor 6.x-1.2
Ckeditor Ckeditor 6.x-1.5
Ckeditor Ckeditor 6.x-1.4
Ckeditor Ckeditor 7.x-1.6
Ckeditor Ckeditor 7.x-1.5
Ckeditor Ckeditor 7.x-1.0
Ckeditor Ckeditor 6.x-1.3
Ckeditor Ckeditor 6.x-1.2
Ckeditor Ckeditor 7.x-1.4
Ckeditor Ckeditor 7.x-1.3
Ckeditor Ckeditor 6.x-1.1
Ckeditor Ckeditor 6.x-1.0
6.8
CVSSv2
CVE-2012-2067
Unspecified vulnerability in the CKeditor module 6.x-2.x prior to 6.x-2.3 and the CKEditor module 6.x-1.x prior to 6.x-1.9 and 7.x-1.x prior to 7.x-1.7 for Drupal, when the core PHP module is enabled, allows remote authenticated users or remote malicious users to execute arbitrar...
Ckeditor Fckeditor 6.x-2.1
Ckeditor Fckeditor 6.x-2.0
Ckeditor Fckeditor 6.x-1.4
Ckeditor Fckeditor 6.x-1.3
Ckeditor Fckeditor 6.x-1.2
Ckeditor Fckeditor 6.x-1.1
Ckeditor Fckeditor 6.x-2.3
Ckeditor Fckeditor 6.x-2.x
Ckeditor Fckeditor 6.x-1.2-1
Ckeditor Fckeditor 6.x-2.2
Ckeditor Fckeditor 6.x-1.x
Ckeditor Ckeditor 6.x-1.7
Ckeditor Ckeditor 6.x-1.6
Ckeditor Ckeditor 6.x-1.x
Ckeditor Ckeditor 6.x-1.0
Ckeditor Ckeditor 7.x-1.0
Ckeditor Ckeditor 7.x-1.x
Ckeditor Ckeditor 6.x-1.5
Ckeditor Ckeditor 6.x-1.4
Ckeditor Ckeditor 7.x-1.6
Ckeditor Ckeditor 7.x-1.5
Ckeditor Ckeditor 6.x-1.1
4.3
CVSSv2
CVE-2021-21391
CKEditor 5 provides a WYSIWYG editing solution. This CVE affects the following npm packages: ckeditor5-engine, ckeditor5-font, ckeditor5-image, ckeditor5-list, ckeditor5-markdown-gfm, ckeditor5-media-embed, ckeditor5-paste-from-office, and ckeditor5-widget. Following an internal ...
Ckeditor Ckeditor5-widget
Ckeditor Ckeditor5-paste-from-office
Ckeditor Ckeditor5-media-embed
Ckeditor Ckeditor5-markdown-gfm
Ckeditor Ckeditor5-list
Ckeditor Ckeditor5-image
Ckeditor Ckeditor5-font
Ckeditor Ckeditor5-engine
4.3
CVSSv2
CVE-2018-17960
CKEditor 4.x prior to 4.11.0 allows user-assisted XSS involving a source-mode paste.
Ckeditor Ckeditor
NA
CVE-2024-24815
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered in the core HTML parsing module in versions of CKEditor4 before 4.24.0-lts. It may affect all editor instances that enabled full-page editing mode or ena...
Ckeditor Ckeditor
NA
CVE-2024-24816
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability vulnerability has been discovered in versions before 4.24.0-lts in samples that use the `preview` feature. All integrators that use these samples in the production code can ...
Ckeditor Ckeditor
1 Github repository
NA
CVE-2023-31541
A unrestricted file upload vulnerability exists in the ‘Browse and upload images’ feature of the CKEditor v1.2.3 plugin for Redmine, which allows arbitrary files to be uploaded to the server.
Ckeditor Ckeditor 1.2.3
NA
CVE-2022-48110
CKSource CKEditor 5 35.4.0 exists to contain a cross-site scripting (XSS) vulnerability via the Full Featured CKEditor5 widget. NOTE: the vendor's position is that this is not a vulnerability. The CKEditor 5 documentation discusses that it is the responsibility of an integra...
Ckeditor Ckeditor 35.4.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »