Количество 2
Количество 2
CVE-2023-37905
ckeditor-wordcount-plugin is an open source WordCount Plugin for CKEditor. It has been discovered that the `ckeditor-wordcount-plugin` plugin for CKEditor4 is susceptible to cross-site scripting when switching to the source code mode. This issue has been addressed in version 1.17.12 of the `ckeditor-wordcount-plugin` plugin and users are advised to upgrade. There are no known workarounds for this vulnerability.
GHSA-q9w4-w667-qqj4
ckeditor-wordcount-plugin vulnerable to Cross-site Scripting in Source Mode of Editor
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-37905 ckeditor-wordcount-plugin is an open source WordCount Plugin for CKEditor. It has been discovered that the `ckeditor-wordcount-plugin` plugin for CKEditor4 is susceptible to cross-site scripting when switching to the source code mode. This issue has been addressed in version 1.17.12 of the `ckeditor-wordcount-plugin` plugin and users are advised to upgrade. There are no known workarounds for this vulnerability. | CVSS3: 6.1 | 0% Низкий | больше 2 лет назад |
| GHSA-q9w4-w667-qqj4 ckeditor-wordcount-plugin vulnerable to Cross-site Scripting in Source Mode of Editor | CVSS3: 6.1 | 0% Низкий | больше 2 лет назад |
Уязвимостей на страницу