exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2021-41165

около 4 лет назад

CKEditor4 is an open source WYSIWYG HTML editor. In affected version a vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject malformed comments HTML bypassing content sanitization, which could result in executing JavaScript code. It affects all users using the CKEditor 4 at version < 4.17.0. The problem has been recognized and patched. The fix will be available in version 4.17.0.

CVSS3: 8.2

EPSS: Низкий

CVE-2021-41165

около 4 лет назад

CKEditor4 is an open source WYSIWYG HTML editor. In affected version a vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject malformed comments HTML bypassing content sanitization, which could result in executing JavaScript code. It affects all users using the CKEditor 4 at version < 4.17.0. The problem has been recognized and patched. The fix will be available in version 4.17.0.

CVSS3: 8.2

EPSS: Низкий

CVE-2021-41165

около 4 лет назад

CKEditor4 is an open source WYSIWYG HTML editor. In affected version a ...

CVSS3: 8.2

EPSS: Низкий

GHSA-7h26-63m7-qhf2

около 4 лет назад

HTML comments vulnerability allowing to execute JavaScript code

CVSS3: 8.2

EPSS: Низкий

BDU:2022-02008

около 4 лет назад

Уязвимость модуля обработки HTML-страниц WYSIWYG-редактора CKEditor, позволяющая нарушителю осуществлять межсайтовые сценарные атаки

CVSS3: 8.2

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2021-41165 CKEditor4 is an open source WYSIWYG HTML editor. In affected version a vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject malformed comments HTML bypassing content sanitization, which could result in executing JavaScript code. It affects all users using the CKEditor 4 at version < 4.17.0. The problem has been recognized and patched. The fix will be available in version 4.17.0.	CVSS3: 8.2	0% Низкий	около 4 лет назад
CVE-2021-41165 CKEditor4 is an open source WYSIWYG HTML editor. In affected version a vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject malformed comments HTML bypassing content sanitization, which could result in executing JavaScript code. It affects all users using the CKEditor 4 at version < 4.17.0. The problem has been recognized and patched. The fix will be available in version 4.17.0.	CVSS3: 8.2	0% Низкий	около 4 лет назад
CVE-2021-41165 CKEditor4 is an open source WYSIWYG HTML editor. In affected version a ...	CVSS3: 8.2	0% Низкий	около 4 лет назад
GHSA-7h26-63m7-qhf2 HTML comments vulnerability allowing to execute JavaScript code	CVSS3: 8.2	0% Низкий	около 4 лет назад
BDU:2022-02008 Уязвимость модуля обработки HTML-страниц WYSIWYG-редактора CKEditor, позволяющая нарушителю осуществлять межсайтовые сценарные атаки	CVSS3: 8.2	0% Низкий	около 4 лет назад

Уязвимостей на страницу