Search CVE reports

1 – 10 of 32 results

Detailed view

Sort by:

CVE-2024-43411

Negligible priority

Needs evaluation

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A theoretical vulnerability has been identified in CKEditor 4.22 (and above). In a highly unlikely scenario where an attacker gains control over...

4 affected packages

ckeditor, ckeditor3, ldap-account-manager, request-tracker4

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ckeditor	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ckeditor3	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	—
ldap-account-manager	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
request-tracker4	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2024-43407

Medium priority

Needs evaluation

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a reflected XSS attack by exploiting a flaw in...

4 affected packages

ckeditor, ckeditor3, ldap-account-manager, request-tracker4

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ckeditor	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ckeditor3	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	—
ldap-account-manager	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
request-tracker4	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2024-24816

Medium priority

Needs evaluation

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability vulnerability has been discovered in versions prior to 4.24.0-lts in samples that use the `preview` feature....

4 affected packages

ckeditor, ckeditor3, ldap-account-manager, request-tracker4

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ckeditor	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ckeditor3	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Ignored
ldap-account-manager	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
request-tracker4	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2024-24815

Medium priority

Needs evaluation

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered in the core HTML parsing module in versions of CKEditor4 prior to 4.24.0-lts. It may affect all editor...

4 affected packages

ckeditor, ckeditor3, ldap-account-manager, request-tracker4

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ckeditor	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ckeditor3	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Ignored
ldap-account-manager	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
request-tracker4	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2023-4771

Medium priority

Needs evaluation

A Cross-Site scripting vulnerability has been found in CKSource CKEditor affecting versions 4.15.1 and earlier. An attacker could send malicious javascript code through the /ckeditor/samples/old/ajax.html file and retrieve an...

4 affected packages

ckeditor, ckeditor3, ldap-account-manager, request-tracker4

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ckeditor	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ckeditor3	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Ignored
ldap-account-manager	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
request-tracker4	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2023-28439

Medium priority

Needs evaluation

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered affecting Iframe Dialog and Media Embed packages. The vulnerability may trigger a JavaScript code after...

4 affected packages

ckeditor, ckeditor3, ldap-account-manager, request-tracker4

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ckeditor	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ckeditor3	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Ignored
ldap-account-manager	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
request-tracker4	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2022-48110

Medium priority

Ignored

** DISPUTED ** CKSource CKEditor 5 35.4.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Full Featured CKEditor5 widget. NOTE: the vendor's position is that this is not a vulnerability. The CKEditor 5...

4 affected packages

ckeditor, ckeditor3, ldap-account-manager, request-tracker4

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ckeditor	Not affected	Not affected	Not affected	Not affected	Not affected
ckeditor3	Not affected	Not affected	Not affected	Not affected	Ignored
ldap-account-manager	Not affected	Not affected	Not affected	Not affected	Not affected
request-tracker4	Not affected	Not affected	Not affected	Not affected	Not affected

CVE-2023-22457

Medium priority

Needs evaluation

CKEditor Integration UI adds support for editing wiki pages using CKEditor. Prior to versions 1.64.3,t he `CKEditor.HTMLConverter` document lacked a protection against Cross-Site Request Forgery (CSRF), allowing to execute macros...

4 affected packages

ckeditor, ckeditor3, ldap-account-manager, request-tracker4

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ckeditor	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ckeditor3	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Ignored
ldap-account-manager	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
request-tracker4	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2022-31175

Medium priority

Needs evaluation

CKEditor 5 is a JavaScript rich text editor. A cross-site scripting vulnerability has been discovered affecting three optional CKEditor 5's packages in versions prior to 35.0.1. The vulnerability allowed to trigger a JavaScript...

4 affected packages

ckeditor, ckeditor3, ldap-account-manager, request-tracker4

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ckeditor	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ckeditor3	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Ignored
ldap-account-manager	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
request-tracker4	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2022-24729

Low priority

Needs evaluation

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the `dialog` plugin. The vulnerability allows abuse of a dialog input validator...

4 affected packages

ckeditor, ckeditor3, ldap-account-manager, request-tracker4

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ckeditor	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ckeditor3	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Ignored
ldap-account-manager	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
request-tracker4	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

Export to JSON

Results by page: