Описание
A Cross-Site scripting vulnerability has been found in CKSource CKEditor affecting versions 4.15.1 and earlier. An attacker could send malicious javascript code through the /ckeditor/samples/old/ajax.html file and retrieve an authorized user's information.
Уязвимые конфигурации
Конфигурация 1Версия до 4.15.1 (включая)
cpe:2.3:a:cksource:ckeditor:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 96%
0.27232
Средний
6.1 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
ubuntu
около 2 лет назад
A Cross-Site scripting vulnerability has been found in CKSource CKEditor affecting versions 4.15.1 and earlier. An attacker could send malicious javascript code through the /ckeditor/samples/old/ajax.html file and retrieve an authorized user's information.
CVSS3: 6.1
debian
около 2 лет назад
A Cross-Site scripting vulnerability has been found in CKSource CKEdit ...
CVSS3: 6.1
github
почти 2 года назад
CKEditor cross-site scripting vulnerability in AJAX sample
EPSS
Процентиль: 96%
0.27232
Средний
6.1 Medium
CVSS3
Дефекты
CWE-79