Vulnerabilities > Ckeditor
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-25 | CVE-2024-45613 | Cross-site Scripting vulnerability in Ckeditor Ckeditor5 CKEditor 5 is a JavaScript rich-text editor. | 6.1 |
| 2024-08-21 | CVE-2024-43407 | Cross-site Scripting vulnerability in Ckeditor 4.0/4.23.0/4.24.0 CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. | 6.1 |
| 2024-02-07 | CVE-2024-24816 | Cross-site Scripting vulnerability in Ckeditor CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. | 6.1 |
| 2024-02-07 | CVE-2024-24815 | Cross-site Scripting vulnerability in Ckeditor 4.0/4.23.0 CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. | 6.1 |
| 2023-06-13 | CVE-2023-31541 | Unrestricted Upload of File with Dangerous Type vulnerability in Ckeditor 1.2.3 A unrestricted file upload vulnerability was discovered in the ‘Browse and upload images’ feature of the CKEditor v1.2.3 plugin for Redmine, which allows arbitrary files to be uploaded to the server. | 9.8 |
| 2023-03-22 | CVE-2023-28439 | Cross-site Scripting vulnerability in multiple products CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. | 6.1 |
| 2023-02-13 | CVE-2022-48110 | Cross-site Scripting vulnerability in Ckeditor 35.4.0 CKSource CKEditor 5 35.4.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Full Featured CKEditor5 widget. | 6.1 |
| 2022-08-03 | CVE-2022-31175 | Cross-site Scripting vulnerability in Ckeditor products CKEditor 5 is a JavaScript rich text editor. | 4.7 |
| 2022-03-16 | CVE-2022-24729 | CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. | 7.5 |
| 2022-03-16 | CVE-2022-24728 | Cross-site Scripting vulnerability in multiple products CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. | 5.4 |