MidnightBSD

Advisories for ckeditor

CVE-2012-4000 MEDIUM

Cross-site scripting (XSS) vulnerability in the print_textinputs_var function in editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php in FCKeditor 2.6.7 and earlier allows remote attackers to inject arbitrary web script or HTML via textinputs array parameters.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
ckeditor fckeditor 1.5
ckeditor fckeditor 1.1
ckeditor fckeditor 1.3.1
ckeditor fckeditor 2.3.2
ckeditor fckeditor 1.2.2
ckeditor fckeditor 2.4.1
ckeditor fckeditor 0.9.3
ckeditor fckeditor 2.5
ckeditor fckeditor 0.9.2
ckeditor fckeditor 2.1.1
ckeditor fckeditor 2.5.1
ckeditor fckeditor *
ckeditor fckeditor 2.4.3
ckeditor fckeditor 0.8
ckeditor fckeditor 2.6.2
ckeditor fckeditor 0.8.5
ckeditor fckeditor 1.6
ckeditor fckeditor 2.3.1
ckeditor fckeditor 1.4
ckeditor fckeditor 2.4
ckeditor fckeditor 2.3
ckeditor fckeditor 0.9.4
ckeditor fckeditor 2.6.1
ckeditor fckeditor 2.6.5
ckeditor fckeditor 2.6.4.1
ckeditor fckeditor 2.6.4
ckeditor fckeditor 2.2
ckeditor fckeditor 1.2.4
ckeditor fckeditor 1.2
ckeditor fckeditor 1.0
ckeditor fckeditor 1.3
ckeditor fckeditor 2.6.3
ckeditor fckeditor 0.9.0
ckeditor fckeditor 2.4.2
ckeditor fckeditor 2.3.3
ckeditor fckeditor 2.6
ckeditor fckeditor 0.9.5
ckeditor fckeditor 2.0
ckeditor fckeditor 2.1
ckeditor fckeditor 0.9.1
CVE-2014-4037 MEDIUM

Cross-site scripting (XSS) vulnerability in editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php in FCKeditor before 2.6.11 and earlier allows remote attackers to inject arbitrary web script or HTML via an array key in the textinputs[] parameter, a different issue than CVE-2012-4000.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
ckeditor fckeditor *
CVE-2014-5191 MEDIUM

Cross-site scripting (XSS) vulnerability in the Preview plugin before 4.4.3 in CKEditor allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
ckeditor ckeditor 4.4.0
ckeditor ckeditor 4.4.1
ckeditor ckeditor *
CVE-2018-11093 MEDIUM

Cross-site scripting (XSS) vulnerability in the Link package for CKEditor 5 before 10.0.1 allows remote attackers to inject arbitrary web script through a crafted href attribute of a link (A) element.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
ckeditor ckeditor_5-link *
CVE-2018-17960 MEDIUM

CKEditor 4.x before 4.11.0 allows user-assisted XSS involving a source-mode paste.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
ckeditor ckeditor *
CVE-2018-9861 MEDIUM

Cross-site scripting (XSS) vulnerability in the Enhanced Image (aka image2) plugin for CKEditor (in versions 4.5.10 through 4.9.1; fixed in 4.9.2), as used in Drupal 8 before 8.4.7 and 8.5.x before 8.5.2 and other products, allows remote attackers to inject arbitrary web script through a crafted IMG element.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
ckeditor enhanced_image *
drupal drupal *
CVE-2020-27193 MEDIUM

A cross-site scripting (XSS) vulnerability in the Color Dialog plugin for CKEditor 4.15.0 allows remote attackers to run arbitrary web script after persuading a user to copy and paste crafted HTML code into one of editor inputs.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
oracle application_express *
oracle banking_platform 2.9.0
oracle commerce_merchandising 11.3.2
oracle financial_services_analytical_applications_infrastructure *
oracle agile_plm 9.3.6
oracle financial_services_analytical_applications_infrastructure 8.1.1
oracle commerce_merchandising 11.3.1
oracle peoplesoft_enterprise_peopletools 8.56
oracle banking_party_management 2.7.0
ckeditor ckeditor 4.15.0
oracle commerce_merchandising 11.0.0
oracle peoplesoft_enterprise_peopletools 8.57
oracle banking_platform 2.7.0
oracle commerce_merchandising 11.1.0
oracle peoplesoft_enterprise_peopletools 8.58
oracle commerce_merchandising 11.2.0
oracle commerce_merchandising 11.3.0
oracle financial_services_analytical_applications_infrastructure 8.1.0
oracle banking_platform 2.8.0
oracle agile_plm 9.3.5
oracle banking_platform 2.4.0
oracle banking_platform 2.7.1
oracle jd_edwards_enterpriseone_tools *
CVE-2020-9281 MEDIUM

A cross-site scripting (XSS) vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted "protected" comment (with the cke_protected syntax).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
oracle application_express *
oracle webcenter_portal 12.2.1.3.0
oracle peoplesoft_enterprise_peopletools -
oracle banking_enterprise_default_managment *
oracle agile_plm 9.3.6
oracle banking_enterprise_default_management 2.7.1
oracle siebel_apps_-_customer_order_management *
oracle peoplesoft_enterprise_peopletools 8.56
oracle webcenter_portal 12.2.1.4.0
oracle peoplesoft_enterprise_peopletools 8.57
oracle webcenter_portal 11.1.1.9.0
ckeditor ckeditor *
oracle banking_enterprise_default_management 2.7.0
oracle peoplesoft_enterprise_peopletools 8.58
oracle banking_enterprise_default_management 2.10.0
fedoraproject fedora 31
oracle banking_enterprise_default_management 2.12.0
oracle banking_enterprise_default_management 2.6.2
fedoraproject fedora 32
oracle agile_plm 9.3.5
drupal drupal *
oracle jd_edwards_enterpriseone_tools *
fedoraproject fedora 30
CVE-2020-9440 MEDIUM

A cross-site scripting (XSS) vulnerability in the WSC plugin through 5.5.7.5 for CKEditor 4 allows remote attackers to run arbitrary web script inside an IFRAME element by injecting a crafted HTML element into the editor.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
fedoraproject fedora 31
ckeditor ckeditor 4.0
fedoraproject fedora 32
webspellchecker webspellchecker *
fedoraproject fedora 30
CVE-2021-21254 MEDIUM

CKEditor 5 is an open source rich text editor framework with a modular architecture. The CKEditor 5 Markdown plugin (@ckeditor/ckeditor5-markdown-gfm) before version 25.0.0 has a regex denial of service (ReDoS) vulnerability. The vulnerability allowed to abuse link recognition regular expression, which could cause a significant performance drop resulting in browser tab freeze. It affects all users using CKEditor 5 Markdown plugin at version <= 24.0.0. The problem has been recognized and patched. The fix will be available in version 25.0.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security-advisories@github.com 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-400,

Products Affected

Vendor Product Version
ckeditor ckeditor5 *
CVE-2021-21391 MEDIUM

CKEditor 5 provides a WYSIWYG editing solution. This CVE affects the following npm packages: ckeditor5-engine, ckeditor5-font, ckeditor5-image, ckeditor5-list, ckeditor5-markdown-gfm, ckeditor5-media-embed, ckeditor5-paste-from-office, and ckeditor5-widget. Following an internal audit, a regular expression denial of service (ReDoS) vulnerability has been discovered in multiple CKEditor 5 packages. The vulnerability allowed to abuse particular regular expressions, which could cause a significant performance drop resulting in a browser tab freeze. It affects all users using the CKEditor 5 packages listed above at version <= 26.0.0. The problem has been recognized and patched. The fix will be available in version 27.0.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6
security-advisories@github.com 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-400,

Products Affected

Vendor Product Version
ckeditor ckeditor5-list *
ckeditor ckeditor5-markdown-gfm *
ckeditor ckeditor5-engine *
ckeditor ckeditor5-image *
ckeditor ckeditor5-widget *
ckeditor ckeditor5-media-embed *
ckeditor ckeditor5-paste-from-office *
ckeditor ckeditor5-font *
CVE-2021-26271 MEDIUM

It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted text into the Styles input of specific dialogs (in the Advanced Tab for Dialogs plugin).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-829,

Products Affected

Vendor Product Version
oracle application_express *
oracle financial_services_analytical_applications_infrastructure *
oracle webcenter_sites 12.2.1.4.0
oracle agile_plm 9.3.6
oracle financial_services_analytical_applications_infrastructure 8.1.1
oracle financial_services_analytical_applications_infrastructure 8.1.0
oracle webcenter_sites 12.2.1.3.0
oracle agile_plm 9.3.5
ckeditor ckeditor *
oracle jd_edwards_enterpriseone_tools *
oracle siebel_ui_framework *
CVE-2021-26272 MEDIUM

It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted URL-like text into the editor, and then press Enter or Space (in the Autolink plugin).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-829,

Products Affected

Vendor Product Version
oracle application_express *
oracle commerce_merchandising *
oracle financial_services_analytical_applications_infrastructure *
oracle agile_plm 9.3.6
oracle financial_services_analytical_applications_infrastructure 8.1.1
oracle webcenter_sites 12.2.1.3.0
oracle banking_party_management 2.7.0
ckeditor ckeditor *
oracle financial_services_model_management_and_governance *
oracle commerce_merchandising 11.1.0
oracle commerce_merchandising 11.2.0
oracle webcenter_sites 12.2.1.4.0
oracle financial_services_analytical_applications_infrastructure 8.1.0
oracle agile_plm 9.3.5
oracle jd_edwards_enterpriseone_tools *
oracle siebel_ui_framework *
CVE-2021-32808 LOW

ckeditor is an open source WYSIWYG HTML editor with rich content support. A vulnerability has been discovered in the clipboard Widget plugin if used alongside the undo feature. The vulnerability allows a user to abuse undo functionality using malformed widget HTML, which could result in executing JavaScript code. It affects all users using the CKEditor 4 plugins listed above at version >= 4.13.0. The problem has been recognized and patched. The fix will be available in version 4.16.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security-advisories@github.com 7.6 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N 2.3 4.7
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,CWE-79,

Products Affected

Vendor Product Version
oracle application_express *
oracle financial_services_model_management_and_governance 8.1.0.0.0
oracle commerce_merchandising 11.3.2
oracle financial_services_analytical_applications_infrastructure *
oracle commerce_guided_search 11.3.2
oracle webcenter_sites 12.2.1.3.0
fedoraproject fedora 35
oracle banking_party_management 2.7.0
fedoraproject fedora 33
oracle peoplesoft_enterprise_peopletools 8.59
oracle peoplesoft_enterprise_peopletools 8.57
ckeditor ckeditor *
oracle peoplesoft_enterprise_peopletools 8.58
fedoraproject fedora 34
oracle webcenter_sites 12.2.1.4.0
oracle documaker 12.6.3
oracle documaker 12.6.4
oracle jd_edwards_enterpriseone_tools *
oracle siebel_ui_framework *
oracle financial_services_model_management_and_governance 8.0.8.0.0
CVE-2021-32809 LOW

ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 [Clipboard](https://ckeditor.com/cke4/addon/clipboard) package. The vulnerability allowed to abuse paste functionality using malformed HTML, which could result in injecting arbitrary HTML into the editor. It affects all users using the CKEditor 4 plugins listed above at version >= 4.5.2. The problem has been recognized and patched. The fix will be available in version 4.16.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7
security-advisories@github.com 4.6 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N 2.1 2.5

CVSS 2.0

Severity: LOW

Problem Type: CWE-94,CWE-79,

Products Affected

Vendor Product Version
oracle application_express *
oracle commerce_merchandising 11.3.2
oracle financial_services_analytical_applications_infrastructure *
oracle commerce_guided_search 11.3.2
fedoraproject fedora 35
oracle banking_party_management 2.7.0
fedoraproject fedora 33
oracle peoplesoft_enterprise_peopletools 8.59
oracle peoplesoft_enterprise_peopletools 8.57
ckeditor ckeditor *
oracle peoplesoft_enterprise_peopletools 8.58
fedoraproject fedora 34
oracle documaker 12.6.3
oracle documaker 12.6.4
oracle jd_edwards_enterpriseone_tools *
CVE-2021-33829 MEDIUM

A cross-site scripting (XSS) vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1 allows remote attackers to inject executable JavaScript code through a crafted comment because --!> is mishandled.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
fedoraproject fedora 34
fedoraproject fedora 35
fedoraproject fedora 33
drupal drupal *
ckeditor ckeditor *
debian debian_linux 9.0
CVE-2021-37695 LOW

ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 [Fake Objects](https://ckeditor.com/cke4/addon/fakeobjects) package. The vulnerability allowed to inject malformed Fake Objects HTML, which could result in executing JavaScript code. It affects all users using the CKEditor 4 plugins listed above at version < 4.16.2. The problem has been recognized and patched. The fix will be available in version 4.16.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7
security-advisories@github.com 7.3 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N 2.1 5.2

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,CWE-79,

Products Affected

Vendor Product Version
oracle application_express *
oracle commerce_merchandising 11.3.2
oracle financial_services_analytical_applications_infrastructure *
oracle commerce_guided_search 11.3.2
fedoraproject fedora 35
oracle banking_party_management 2.7.0
fedoraproject fedora 33
oracle peoplesoft_enterprise_peopletools 8.59
oracle peoplesoft_enterprise_peopletools 8.57
ckeditor ckeditor *
oracle financial_services_model_management_and_governance *
oracle peoplesoft_enterprise_peopletools 8.58
fedoraproject fedora 34
oracle documaker 12.6.3
oracle documaker 12.6.4
oracle financial_services_analytical_applications_infrastructure 8.0.3
debian debian_linux 9.0
oracle jd_edwards_enterpriseone_tools *
CVE-2021-41164 LOW

CKEditor4 is an open source WYSIWYG HTML editor. In affected versions a vulnerability has been discovered in the Advanced Content Filter (ACF) module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject malformed HTML bypassing content sanitization, which could result in executing JavaScript code. It affects all users using the CKEditor 4 at version < 4.17.0. The problem has been recognized and patched. The fix will be available in version 4.17.0.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,CWE-79,

Products Affected

Vendor Product Version
oracle application_express *
oracle webcenter_portal 12.2.1.3.0
oracle agile_plm 9.3.6
oracle banking_apis 19.1
oracle commerce_guided_search 11.3.2
oracle banking_digital_experience *
oracle banking_digital_experience 19.1
oracle banking_digital_experience 21.1
oracle banking_apis *
fedoraproject fedora 36
oracle webcenter_portal 12.2.1.4.0
oracle peoplesoft_enterprise_peopletools 8.59
oracle banking_apis 20.1
ckeditor ckeditor *
oracle peoplesoft_enterprise_peopletools 8.58
oracle banking_digital_experience 20.1
oracle banking_apis 21.1
fedoraproject fedora 37
drupal drupal *
oracle banking_digital_experience 19.2
oracle banking_apis 19.2
CVE-2021-41165 LOW

CKEditor4 is an open source WYSIWYG HTML editor. In affected version a vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject malformed comments HTML bypassing content sanitization, which could result in executing JavaScript code. It affects all users using the CKEditor 4 at version < 4.17.0. The problem has been recognized and patched. The fix will be available in version 4.17.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security-advisories@github.com 8.2 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L 2.3 5.3
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,CWE-79,

Products Affected

Vendor Product Version
oracle application_express *
oracle webcenter_portal 12.2.1.3.0
oracle banking_apis 19.1
oracle commerce_guided_search 11.3.2
oracle banking_digital_experience *
oracle banking_digital_experience 19.1
oracle banking_digital_experience 21.1
oracle banking_apis *
oracle agile_product_lifecycle_management 9.3.6
oracle webcenter_portal 12.2.1.4.0
oracle peoplesoft_enterprise_peopletools 8.59
oracle banking_apis 20.1
ckeditor ckeditor *
oracle peoplesoft_enterprise_peopletools 8.58
oracle banking_digital_experience 20.1
oracle banking_apis 21.1
drupal drupal *
oracle banking_digital_experience 19.2
oracle banking_apis 19.2
CVE-2022-24728 LOW

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0. The vulnerability allows someone to inject malformed HTML bypassing content sanitization, which could result in executing JavaScript code. This problem has been patched in version 4.18.0. There are currently no known workarounds.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,CWE-79,

Products Affected

Vendor Product Version
oracle application_express *
oracle commerce_merchandising 11.3.2
oracle financial_services_analytical_applications_infrastructure *
oracle financial_services_behavior_detection_platform 8.0.7.0
fedoraproject fedora 36
oracle financial_services_behavior_detection_platform 8.0.8.0
oracle peoplesoft_enterprise_peopletools 8.59
ckeditor ckeditor *
oracle peoplesoft_enterprise_peopletools 8.58
oracle financial_services_analytical_applications_infrastructure 8.1.1.0
fedoraproject fedora 37
oracle financial_services_behavior_detection_platform *
oracle financial_services_trade-based_anti_money_laundering 8.0.8
drupal drupal *
oracle financial_services_analytical_applications_infrastructure 8.1.2.0
oracle financial_services_trade-based_anti_money_laundering 8.0.7
oracle financial_services_analytical_applications_infrastructure 8.1.2.1
CVE-2022-24729 MEDIUM

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the `dialog` plugin. The vulnerability allows abuse of a dialog input validator regular expression, which can cause a significant performance drop resulting in a browser tab freeze. A patch is available in version 4.18.0. There are currently no known workarounds.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-400,CWE-1333,

Products Affected

Vendor Product Version
oracle application_express *
oracle commerce_merchandising 11.3.2
oracle financial_services_analytical_applications_infrastructure *
oracle financial_services_behavior_detection_platform 8.0.7.0
fedoraproject fedora 36
oracle financial_services_behavior_detection_platform 8.0.8.0
oracle peoplesoft_enterprise_peopletools 8.59
ckeditor ckeditor *
oracle peoplesoft_enterprise_peopletools 8.58
oracle financial_services_analytical_applications_infrastructure 8.1.1.0
fedoraproject fedora 37
oracle financial_services_behavior_detection_platform *
oracle financial_services_trade-based_anti_money_laundering 8.0.8
drupal drupal *
oracle financial_services_analytical_applications_infrastructure 8.1.2.0
oracle financial_services_trade-based_anti_money_laundering 8.0.7
oracle financial_services_analytical_applications_infrastructure 8.1.2.1
CVE-2022-31175

CKEditor 5 is a JavaScript rich text editor. A cross-site scripting vulnerability has been discovered affecting three optional CKEditor 5's packages in versions prior to 35.0.1. The vulnerability allowed to trigger a JavaScript code after fulfilling special conditions. The affected packages are `@ckeditor/ckeditor5-markdown-gfm`, `@ckeditor/ckeditor5-html-support`, and `@ckeditor/ckeditor5-html-embed`. The specific conditions are 1) Using one of the affected packages. In case of `ckeditor5-html-support` and `ckeditor5-html-embed`, additionally, it was required to use a configuration that allows unsafe markup inside the editor. 2) Destroying the editor instance and 3) Initializing the editor on an element and using an element other than `<textarea>` as a base. The root cause of the issue was a mechanism responsible for updating the source element with the markup coming from the CKEditor 5 data pipeline after destroying the editor. This vulnerability might affect a small percent of integrators that depend on dynamic editor initialization/destroy and use Markdown, General HTML Support or HTML embed features. The problem has been recognized and patched. The fix is available in version 35.0.1. There are no known workarounds for this issue.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.7 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N 1.6 2.7
security-advisories@github.com 5.8 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L 1.6 3.7

Products Affected

Vendor Product Version
ckeditor ckeditor5-markdown-gfm *
ckeditor ckeditor5-html-embed *
ckeditor ckeditor5-html-support *
CVE-2022-48110

CKSource CKEditor 5 35.4.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Full Featured CKEditor5 widget. NOTE: the vendor's position is that this is not a vulnerability. The CKEditor 5 documentation discusses that it is the responsibility of an integrator (who is adding CKEditor 5 functionality to a website) to choose the correct security settings for their use case. Also, safe default values are established (e.g., config.htmlEmbed.showPreviews is false).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
ckeditor ckeditor 35.4.0
CVE-2023-28439

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered affecting Iframe Dialog and Media Embed packages. The vulnerability may trigger a JavaScript code after fulfilling special conditions: using one of the affected packages on a web page with missing proper Content Security Policy configuration; initializing the editor on an element and using an element other than `<textarea>` as a base; and destroying the editor instance. This vulnerability might affect a small percentage of integrators that depend on dynamic editor initialization/destroy mechanism. A fix is available in CKEditor4 version 4.21.0. In some rare cases, a security fix may be considered a breaking change. Starting from version 4.21.0, the Iframe Dialog plugin applies the `sandbox` attribute by default, which restricts JavaScript code execution in the iframe element. To change this behavior, configure the `config.iframe_attributes` option. Also starting from version 4.21.0, the Media Embed plugin regenerates the entire content of the embed widget by default. To change this behavior, configure the `config.embed_keepOriginalContent` option. Those who choose to enable either of the more permissive options or who cannot upgrade to a patched version should properly configure Content Security Policy to avoid any potential security issues that may arise from embedding iframe elements on their web page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7
security-advisories@github.com 4.7 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N 1.6 2.7

Products Affected

Vendor Product Version
fedoraproject fedora 38
fedoraproject fedora 39
fedoraproject fedora 37
ckeditor ckeditor *
CVE-2023-31541

A unrestricted file upload vulnerability was discovered in the ‘Browse and upload images’ feature of the CKEditor v1.2.3 plugin for Redmine, which allows arbitrary files to be uploaded to the server.

Products Affected

Vendor Product Version
ckeditor ckeditor 1.2.3
CVE-2024-24815

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered in the core HTML parsing module in versions of CKEditor4 prior to 4.24.0-lts. It may affect all editor instances that enabled full-page editing mode or enabled CDATA elements in Advanced Content Filtering configuration (defaults to `script` and `style` elements). The vulnerability allows attackers to inject malformed HTML content bypassing Advanced Content Filtering mechanism, which could result in executing JavaScript code. An attacker could abuse faulty CDATA content detection and use it to prepare an intentional attack on the editor. A fix is available in version 4.24.0-lts.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security-advisories@github.com 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
ckeditor ckeditor *
CVE-2024-24816

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability vulnerability has been discovered in versions prior to 4.24.0-lts in samples that use the `preview` feature. All integrators that use these samples in the production code can be affected. The vulnerability allows an attacker to execute JavaScript code by abusing the misconfigured preview feature. It affects all users using the CKEditor 4 at version < 4.24.0-lts with affected samples used in a production environment. A fix is available in version 4.24.0-lts.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security-advisories@github.com 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
ckeditor ckeditor *
CVE-2024-45613

CKEditor 5 is a JavaScript rich-text editor. Starting in version 40.0.0 and prior to version 43.1.1, a Cross-Site Scripting (XSS) vulnerability is present in the CKEditor 5 clipboard package. This vulnerability could be triggered by a specific user action, leading to unauthorized JavaScript code execution, if the attacker managed to insert a malicious content into the editor, which might happen with a very specific editor configuration. This vulnerability only affects installations where the Block Toolbar plugin is enabled and either the General HTML Support (with a configuration that permits unsafe markup) or the HTML Embed plugin is also enabled. A fix for the problem is available in version 43.1.1. As a workaround, one may disable the block toolbar plugin.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
ckeditor ckeditor5 *
CVE-2025-61261

A reflected cross-site scripting (XSS) vulnerability in CKeditor v46.1.0 & Angular v18.0.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N 2.8 2.5

Products Affected

Vendor Product Version
ckeditor ckeditor5 46.1.0
angular angular 18.0.0
CVE-2026-28343

CKEditor 5 is a modern JavaScript rich-text editor with an MVC architecture. Starting in version 29.0.0 and prior to version 47.6.0, a cross-site scripting (XSS) vulnerability has been discovered in the General HTML Support feature. This vulnerability could be triggered by inserting specially crafted markup, leading to unauthorized JavaScript code execution, if the editor instance used an unsafe General HTML Support configuration. This issue has been patched in version 47.6.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security-advisories@github.com 6.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N 3.1 2.7

Products Affected

Vendor Product Version
ckeditor ckeditor5 *