A cross-site scripting (XSS) vulnerability in the Color Dialog plugin for CKEditor 4.15.0 allows remote malicious users to run arbitrary web script after persuading a user to copy and paste crafted HTML code into one of editor inputs.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ckeditor ckeditor 4.15.0 |
||
oracle agile plm 9.3.5 |
||
oracle agile plm 9.3.6 |
||
oracle application express |
||
oracle banking party management 2.7.0 |
||
oracle banking platform 2.4.0 |
||
oracle banking platform 2.7.0 |
||
oracle banking platform 2.7.1 |
||
oracle banking platform 2.8.0 |
||
oracle banking platform 2.9.0 |
||
oracle commerce merchandising 11.0.0 |
||
oracle commerce merchandising 11.1.0 |
||
oracle commerce merchandising 11.2.0 |
||
oracle commerce merchandising 11.3.0 |
||
oracle commerce merchandising 11.3.1 |
||
oracle commerce merchandising 11.3.2 |
||
oracle financial services analytical applications infrastructure |
||
oracle financial services analytical applications infrastructure 8.1.0 |
||
oracle financial services analytical applications infrastructure 8.1.1 |
||
oracle jd edwards enterpriseone tools |
||
oracle peoplesoft enterprise peopletools 8.56 |
||
oracle peoplesoft enterprise peopletools 8.57 |
||
oracle peoplesoft enterprise peopletools 8.58 |