It was possible to execute a ReDoS-type attack inside CKEditor 4 prior to 4.16 by persuading a victim to paste crafted text into the Styles input of specific dialogs (in the Advanced Tab for Dialogs plugin).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ckeditor ckeditor |
||
oracle agile plm 9.3.5 |
||
oracle agile plm 9.3.6 |
||
oracle application express |
||
oracle financial services analytical applications infrastructure |
||
oracle financial services analytical applications infrastructure 8.1.0 |
||
oracle financial services analytical applications infrastructure 8.1.1 |
||
oracle jd edwards enterpriseone tools |
||
oracle siebel ui framework |
||
oracle webcenter sites 12.2.1.3.0 |
||
oracle webcenter sites 12.2.1.4.0 |