Vulnerabilities > Ckeditor

DATE CVE VULNERABILITY TITLE RISK
2022-03-16 CVE-2022-24729 CKEditor4 is an open source what-you-see-is-what-you-get HTML editor.
network
low complexity
ckeditor drupal
5.0
2022-03-16 CVE-2022-24728 Cross-site Scripting vulnerability in multiple products
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor.
3.5
2021-11-17 CVE-2021-41165 Cross-site Scripting vulnerability in multiple products
CKEditor4 is an open source WYSIWYG HTML editor.
3.5
2021-11-17 CVE-2021-41164 Cross-site Scripting vulnerability in multiple products
CKEditor4 is an open source WYSIWYG HTML editor.
3.5
2021-08-13 CVE-2021-37695 Cross-site Scripting vulnerability in multiple products
ckeditor is an open source WYSIWYG HTML editor with rich content support.
3.5
2021-08-12 CVE-2021-32808 Cross-site Scripting vulnerability in multiple products
ckeditor is an open source WYSIWYG HTML editor with rich content support.
3.5
2021-08-12 CVE-2021-32809 Cross-site Scripting vulnerability in multiple products
ckeditor is an open source WYSIWYG HTML editor with rich content support.
3.5
2021-06-09 CVE-2021-33829 Cross-site Scripting vulnerability in multiple products
A cross-site scripting (XSS) vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1 allows remote attackers to inject executable JavaScript code through a crafted comment because --!> is mishandled.
4.3
2021-04-29 CVE-2021-21391 Resource Exhaustion vulnerability in Ckeditor products
CKEditor 5 provides a WYSIWYG editing solution.
network
ckeditor CWE-400
4.3
2021-01-29 CVE-2021-21254 Resource Exhaustion vulnerability in Ckeditor 5 10.0.1
CKEditor 5 is an open source rich text editor framework with a modular architecture.
network
low complexity
ckeditor CWE-400
4.0