HIGH8.2CVE-2021-41165HTML comments vulnerability allowing to execute JavaScript code from 0
HIGH8.2CVE-2021-41164Advanced Content Filter (ACF) vulnerability allowing to execute JavaScript code using malformed HTML from 0
HIGH7.6CVE-2021-32808Widget feature vulnerability allowing to execute JavaScript code using undo functionality from 0
HIGH7.5CKEditor4 is an open source what-you-see-is-what-you-get HTML editor.
from 0
HIGH7.3Fake objects feature vulnerability allowing to execute JavaScript code using malformed HTML.
from 0
MEDIUM6.5CKEditor 4 ReDoS Vulnerability
from 0, < 4.16.0+dfsg-1
MEDIUM6.5Inclusion of Functionality from Untrusted Control Sphere in CKEditor 4
from 0, < 4.16.0+dfsg-1
MEDIUM6.1Code Snippet GeSHi plugin in CKEditor 4 has reflected cross-site scripting (XSS) vulnerability
from 0
MEDIUM6.1CKEditor cross-site scripting vulnerability in AJAX sample
from 0
MEDIUM6.1CKEditor4 Cross-site Scripting vulnerability in samples with enabled the preview feature
from 0
MEDIUM6.1CKEditor4 Cross-site Scripting vulnerability caused by incorrect CDATA detection
from 0
MEDIUM6.1CKEditor4 is an open source what-you-see-is-what-you-get HTML editor.
from 0
MEDIUM6.1ckeditor - security update
from 0, < 4.5.7+dfsg-2+deb9u1
MEDIUM6.1ckeditor - security update
from 0, < 4.16.0+dfsg-2
MEDIUM6.1Ckeditor XSS Vulnerability
from 0, < 4.11.1+dfsg-1
MEDIUM5.4Cross-site Scripting in CKEditor4
from 0
MEDIUM4.6Clipboard feature vulnerability allowing to inject arbitrary HTML into the editor using paste functionality
from 0
—The Preview plugin in CKEditor allows Cross-site scripting (XSS)
from 0, < 4.4.4+dfsg1-1