Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-37905

Published: 21/07/2023 Updated: 15/09/2023
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 0
Subscribe to Ckeditor-wordcount-plugin Project

Vulnerability Summary

ckeditor-wordcount-plugin is an open source WordCount Plugin for CKEditor. It has been discovered that the `ckeditor-wordcount-plugin` plugin for CKEditor4 is susceptible to cross-site scripting when switching to the source code mode. This issue has been addressed in version 1.17.12 of the `ckeditor-wordcount-plugin` plugin and users are advised to upgrade. There are no known workarounds for this vulnerability.

Vulnerable Product Search on Vulmon Subscribe to Product

ckeditor-wordcount-plugin project ckeditor-wordcount-plugin

References

CWE-79https://github.com/w8tcha/CKEditor-WordCount-Plugin/commit/0f03b3e5b7c1409998a13aba3a95396e6fa349d8https://github.com/w8tcha/CKEditor-WordCount-Plugin/commit/a4b154bdf35b3465320136fcb078f196b437c2f1https://github.com/w8tcha/CKEditor-WordCount-Plugin/security/advisories/GHSA-q9w4-w667-qqj4https://typo3.org/security/advisory/typo3-core-sa-2023-004https://github.com/TYPO3/typo3/security/advisories/GHSA-m8fw-p3cr-6jqchttps://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook