ckeditor
Web & CMS Pluginsoss-project
Top products
Latest CVEs
The 15 most recently published vulnerabilities affecting ckeditor.
- CVE-2026-28343CKEditor: Cross-site scripting (XSS) in the HTML Support package6.4
- CVE-2025-61261A reflected cross-site scripting (XSS) vulnerability in CKeditor v46.1.0 & Angular v18.0.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payl...5.4
- CVE-2024-45613CKEditor 5 has Cross-site Scripting vulnerability in the clipboard package6.1
- CVE-2024-43411CKEditor4 has a low risk cross-site scripting (XSS) vulnerability from domain takeover3.1
- CVE-2024-43407Code Snippet GeSHi plugin has reflected cross-site scripting (XSS) vulnerability6.1
- CVE-2024-24816Cross-site scripting (XSS) vulnerability in samples with enabled the preview feature6.1
- CVE-2024-24815CKEditor4 Cross-site scripting (XSS) vulnerability caused by incorrect CDATA detection6.1
- CVE-2023-31541A unrestricted file upload vulnerability was discovered in the ‘Browse and upload images’ feature of the CKEditor v1.2.3 plugin for Redmine, which allows arbitrary files to be uploaded to the s...9.8
- CVE-2023-28439ckeditor4 plugins vulnerable to cross-site scripting caused by the editor instance destroying process4.7
- CVE-2022-48110CKSource CKEditor 5 35.4.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Full Featured CKEditor5 widget. NOTE: the vendor's position is that this is not a vulnerabili...6.1
- CVE-2022-31175Cross-site scripting caused by the editor instance destroying process in ckeditor55.8
- CVE-2022-24729Regular expression Denial of Service in dialog plugin6.5
- CVE-2022-24728Cross-site Scripting in CKEditor45.4
- CVE-2021-41165HTML comments vulnerability allowing to execute JavaScript code8.2
- CVE-2021-41164Advanced Content Filter (ACF) vulnerability allowing to execute JavaScript code using malformed HTML8.2