Vulnerabilities > Webspellchecker

DATE CVE VULNERABILITY TITLE RISK
2020-03-10 CVE-2020-9440 Cross-site Scripting vulnerability in multiple products
A cross-site scripting (XSS) vulnerability in the WSC plugin through 5.5.7.5 for CKEditor 4 allows remote attackers to run arbitrary web script inside an IFRAME element by injecting a crafted HTML element into the editor.
network
low complexity
ckeditor webspellchecker fedoraproject CWE-79
6.1