Vulnerabilities > Ckeditor

DATE CVE VULNERABILITY TITLE RISK
2024-02-07 CVE-2024-24816 Cross-site Scripting vulnerability in Ckeditor
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor.
network
low complexity
ckeditor CWE-79
6.1
2024-02-07 CVE-2024-24815 Cross-site Scripting vulnerability in Ckeditor 4.23.0
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor.
network
low complexity
ckeditor CWE-79
6.1
2023-06-13 CVE-2023-31541 Unrestricted Upload of File with Dangerous Type vulnerability in Ckeditor 1.2.3
A unrestricted file upload vulnerability was discovered in the ‘Browse and upload images’ feature of the CKEditor v1.2.3 plugin for Redmine, which allows arbitrary files to be uploaded to the server.
network
low complexity
ckeditor CWE-434
critical
9.8
2023-03-22 CVE-2023-28439 Cross-site Scripting vulnerability in multiple products
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor.
network
low complexity
ckeditor fedoraproject CWE-79
6.1
2023-02-13 CVE-2022-48110 Cross-site Scripting vulnerability in Ckeditor 35.4.0
CKSource CKEditor 5 35.4.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Full Featured CKEditor5 widget.
network
low complexity
ckeditor CWE-79
6.1
2022-03-16 CVE-2022-24729 CKEditor4 is an open source what-you-see-is-what-you-get HTML editor.
network
low complexity
ckeditor drupal oracle fedoraproject
7.5
2022-03-16 CVE-2022-24728 Cross-site Scripting vulnerability in multiple products
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor.
network
low complexity
ckeditor drupal oracle fedoraproject CWE-79
5.4
2021-11-17 CVE-2021-41165 Cross-site Scripting vulnerability in multiple products
CKEditor4 is an open source WYSIWYG HTML editor.
network
low complexity
ckeditor drupal oracle CWE-79
5.4
2021-11-17 CVE-2021-41164 Cross-site Scripting vulnerability in multiple products
CKEditor4 is an open source WYSIWYG HTML editor.
network
low complexity
ckeditor drupal oracle fedoraproject CWE-79
5.4
2021-08-13 CVE-2021-37695 Cross-site Scripting vulnerability in multiple products
ckeditor is an open source WYSIWYG HTML editor with rich content support.
network
low complexity
ckeditor debian fedoraproject oracle CWE-79
5.4