← Back

Ckeditor

ckeditor

Vendor: Cksource • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-4771
1Cksource
1Ckeditor
Nov 21, 2024
Nov 16, 2023
N/A· v4
6.1 MEDIUM· v3
N/A· v2
A Cross-Site scripting vulnerability has been found in CKSource CKEditor affecting versions 4.15.1 and earlier. An attacker could send malicious javascript code through the /ckeditor/samples/old/ajax.html file and retrie...Show more
A Cross-Site scripting vulnerability has been found in CKSource CKEditor affecting versions 4.15.1 and earlier. An attacker could send malicious javascript code through the /ckeditor/samples/old/ajax.html file and retrieve an authorized user's information.Show less
CVE-2015-9349
1Cksource
1Ckeditor
Nov 21, 2024
Aug 27, 2019
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
The ckeditor-for-wordpress plugin before 4.5.3.1 for WordPress has reflected XSS in the "built-in (old)" file browser.