Описание
A reflected cross-site scripting (XSS) vulnerability in CKeditor v46.1.0 & Angular v18.0.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.
Ссылки
- Release Notes
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:angular:angular:18.0.0:-:*:*:*:node.js:*:*
cpe:2.3:a:ckeditor:ckeditor5:46.1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 19%
0.00062
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 5.4
ubuntu
3 месяца назад
A reflected cross-site scripting (XSS) vulnerability in CKeditor v46.1.0 & Angular v18.0.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.
CVSS3: 5.4
debian
3 месяца назад
A reflected cross-site scripting (XSS) vulnerability in CKeditor v46.1 ...
CVSS3: 5.4
github
3 месяца назад
A reflected cross-site scripting (XSS) vulnerability in CKeditor v46.1.0 & Angular v18.0.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.
EPSS
Процентиль: 19%
0.00062
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79