Search CVE reports
1 – 10 of 16 results
CVE-2024-45613
Medium priorityCKEditor 5 is a JavaScript rich-text editor. Starting in version 40.0.0 and prior to version 43.1.1, a Cross-Site Scripting (XSS) vulnerability is present in the CKEditor 5 clipboard package. This vulnerability could be triggered...
4 affected packages
ckeditor, ckeditor3, ldap-account-manager, request-tracker4
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ckeditor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ckeditor3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | — |
ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-43411
Negligible priorityCKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A theoretical vulnerability has been identified in CKEditor 4.22 (and above). In a highly unlikely scenario where an attacker gains control over...
4 affected packages
ckeditor, ckeditor3, ldap-account-manager, request-tracker4
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ckeditor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ckeditor3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | — |
ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-43407
Medium priorityCKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a reflected XSS attack by exploiting a flaw in...
4 affected packages
ckeditor, ckeditor3, ldap-account-manager, request-tracker4
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ckeditor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ckeditor3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | — |
ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-24816
Medium priorityCKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability vulnerability has been discovered in versions prior to 4.24.0-lts in samples that use the `preview` feature....
4 affected packages
ckeditor, ckeditor3, ldap-account-manager, request-tracker4
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ckeditor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ckeditor3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-24815
Medium priorityCKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered in the core HTML parsing module in versions of CKEditor4 prior to 4.24.0-lts. It may affect all editor...
4 affected packages
ckeditor, ckeditor3, ldap-account-manager, request-tracker4
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ckeditor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ckeditor3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2023-4771
Medium priorityA Cross-Site scripting vulnerability has been found in CKSource CKEditor affecting versions 4.15.1 and earlier. An attacker could send malicious javascript code through the /ckeditor/samples/old/ajax.html file and retrieve an...
4 affected packages
ckeditor, ckeditor3, ldap-account-manager, request-tracker4
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ckeditor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ckeditor3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2023-28439
Medium priorityCKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered affecting Iframe Dialog and Media Embed packages. The vulnerability may trigger a JavaScript code after...
4 affected packages
ckeditor, ckeditor3, ldap-account-manager, request-tracker4
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ckeditor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ckeditor3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2022-48110
Medium priority** DISPUTED ** CKSource CKEditor 5 35.4.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Full Featured CKEditor5 widget. NOTE: the vendor's position is that this is not a vulnerability. The CKEditor 5...
4 affected packages
ckeditor, ckeditor3, ldap-account-manager, request-tracker4
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ckeditor | Not affected | Not affected | Not affected | Not affected | Not affected |
ckeditor3 | Not affected | Not affected | Not affected | Not affected | Ignored |
ldap-account-manager | Not affected | Not affected | Not affected | Not affected | Not affected |
request-tracker4 | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2023-22457
Medium priorityCKEditor Integration UI adds support for editing wiki pages using CKEditor. Prior to versions 1.64.3,t he `CKEditor.HTMLConverter` document lacked a protection against Cross-Site Request Forgery (CSRF), allowing to execute macros...
4 affected packages
ckeditor, ckeditor3, ldap-account-manager, request-tracker4
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ckeditor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ckeditor3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2022-31175
Medium priorityCKEditor 5 is a JavaScript rich text editor. A cross-site scripting vulnerability has been discovered affecting three optional CKEditor 5's packages in versions prior to 35.0.1. The vulnerability allowed to trigger a JavaScript...
4 affected packages
ckeditor, ckeditor3, ldap-account-manager, request-tracker4
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ckeditor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ckeditor3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |