Ckeditor4
This hub aggregates every CVE we track for Ckeditor4, a product in the OSS libraries space. Use it to gauge the current risk picture and drill into individual advisories.
- CVEs tracked: 17
- Critical: 0
- High: 4
- In CISA KEV: 0
Severity distribution
- MEDIUM: 12
- HIGH: 4
- LOW: 1
Monthly trend (chart, 2024-07 to 2026-06)
Latest CVEs
The 15 most recently published vulnerabilities affecting Ckeditor4.
- CVE-2024-43411: CKEditor4 has a low risk cross-site scripting (XSS) vulnerability from domain takeover (3.1)
- CVE-2024-43407: Code Snippet GeSHi plugin has reflected cross-site scripting (XSS) vulnerability (6.1)
- CVE-2024-24816: Cross-site scripting (XSS) vulnerability in samples with enabled the preview feature (6.1)
- CVE-2024-24815: CKEditor4 Cross-site scripting (XSS) vulnerability caused by incorrect CDATA detection (6.1)
- CVE-2023-4771: Cross-Site Scripting vulnerability in CKSource CKEditor (6.1)
- CVE-2023-28439: ckeditor4 plugins vulnerable to cross-site scripting caused by the editor instance destroying process (4.7)
- CVE-2022-24728: Cross-site Scripting in CKEditor4 (5.4)
- CVE-2022-24729: Regular expression Denial of Service in dialog plugin (6.5)
- CVE-2021-41165: HTML comments vulnerability allowing to execute JavaScript code (8.2)
- CVE-2021-41164: Advanced Content Filter (ACF) vulnerability allowing to execute JavaScript code using malformed HTML (8.2)
- CVE-2021-37695: Execution of JavaScript code using malformed HTML in ckeditor (7.3)
- CVE-2021-32809: Arbitrary HTML injection vulnerability in ckeditor (4.6)
- CVE-2021-32808: Cross-site scripting in ckeditor via abuse of undo functionality (7.6)
- CVE-2021-33829: A cross-site scripting (XSS) vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1 allows remote attackers to inject executable JavaScript code through a crafte... (6.1)
- CVE-2021-26272: It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted URL-like text into the editor, and then press Enter or Space (in the Autolink pl... (6.5)
Product normalization is registry-driven with AI assist and human review.