📦 Ckeditor

CVE-2023-31541 is an unrestricted file upload vulnerability in the CKEditor v1.2.3 plugin for Redmine that allows attackers to upload arbitrary files to the server. This affects Redmine installations ...

CVE-2021-37695 is a cross-site scripting (XSS) vulnerability in CKEditor 4's Fake Objects plugin that allows attackers to inject malicious HTML that can execute JavaScript code in victims' browsers. I...

CVE-2021-32808 is a cross-site scripting (XSS) vulnerability in CKEditor 4 that allows attackers to execute arbitrary JavaScript code by exploiting a flaw in the clipboard Widget plugin when used with...

This vulnerability allows reflected cross-site scripting (XSS) attacks through CKEditor4's GeSHi plugin. Attackers can craft malicious scripts that execute when users interact with the vulnerable GeSH...