Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
npm ckeditor4 Security Advisories
Browse all Security Advisories for npm ckeditor4
Loading...
Low
Ecosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 8.5
Published: 2 months ago
GSA_kwCzR0hTQS02djk2LW0yNHYtZjU4as4AA-1-
CKEditor4 low-risk cross-site scripting (XSS) vulnerability linked to potential domain takeoverEcosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 8.5
Published: 2 months ago
Moderate
Ecosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: 2 months ago
GSA_kwCzR0hTQS03cjMyLXZmajUtYzJqds4AA-19
Code Snippet GeSHi plugin has reflected cross-site scripting (XSS) vulnerabilityEcosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: 2 months ago
Moderate
Ecosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: 9 months ago
GSA_kwCzR0hTQS13aDV3LTgyZjMtd3J4aM4AA5JM
CKEditor cross-site scripting vulnerability in AJAX sampleEcosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: 9 months ago
Moderate
Ecosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: 9 months ago
GSA_kwCzR0hTQS1tdzJjLXZ4NmotbWc3Ns4AA5JL
CKEditor4 Cross-site Scripting vulnerability in samples with enabled the preview featureEcosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: 9 months ago
Moderate
Ecosystems: packagist, npm
Packages: ckeditor/ckeditor, ckeditor4
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: 9 months ago
GSA_kwCzR0hTQS1mcTZoLTRnOHYtcXF2bc4AA5JK
CKEditor4 Cross-site Scripting vulnerability caused by incorrect CDATA detectionEcosystems: packagist, npm
Packages: ckeditor/ckeditor, ckeditor4
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: 9 months ago
Moderate
Ecosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: over 2 years ago
GSA_kwCzR0hTQS00bTQ0LTVqMmcteGY2NM4AAmnn
Improper Neutralization of Input During Web Page Generation in CKEditor4Ecosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 14.8
Published: over 2 years ago
GSA_kwCzR0hTQS00ZmM0LTRwNWctNnc4Oc0zNg
Cross-site Scripting in CKEditor4Ecosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 14.8
Published: over 2 years ago
High
Ecosystems: packagist, npm
Packages: ckeditor/ckeditor, ckeditor4
Source: GitHub Advisory Database
Blast Radius: 49.0
Published: almost 3 years ago
GSA_kwCzR0hTQS03aDI2LTYzbTctcWhmMs0XTw
HTML comments vulnerability allowing to execute JavaScript codeEcosystems: packagist, npm
Packages: ckeditor/ckeditor, ckeditor4
Source: GitHub Advisory Database
Blast Radius: 49.0
Published: almost 3 years ago
High
Ecosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 22.4
Published: almost 3 years ago
GSA_kwCzR0hTQS1wdm14LWc4aDUtY3Byas0XTg
Advanced Content Filter (ACF) vulnerability allowing to execute JavaScript code using malformed HTMLEcosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 22.4
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: about 3 years ago
GSA_kwCzR0hTQS13cHZtLXdxcjQtcDdjd80WSA
Inclusion of Functionality from Untrusted Control Sphere in CKEditor 4Ecosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: about 3 years ago
High
Ecosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 20.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW05NGMtMzdnNi1jamhj
Fake objects feature vulnerability allowing to execute JavaScript code using malformed HTML.Ecosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 20.0
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc4ODktcm01ai1ocGdn
Clipboard feature vulnerability allowing to inject arbitrary HTML into the editor using paste functionalityEcosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: about 3 years ago
High
Ecosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTYyMjYtaDdmZi1jaDZj
Widget feature vulnerability allowing to execute JavaScript code using undo functionalityEcosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: about 3 years ago
Moderate
Ecosystems: packagist, npm
Packages: drupal/drupal, drupal/core, ckeditor4
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJneDYtcmpqNC1jMzg4
ckeditor4 vulnerable to cross-site scriptingEcosystems: packagist, npm
Packages: drupal/drupal, drupal/core, ckeditor4
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZjamYtbWdjZy1qeGpx
CKEditor 4.0 vulnerability in the HTML Data ProcessorEcosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: over 3 years ago
Statistics
Advisories: 20,408
Packages: 8,948
Repositories: 2
Ecosystems: 12
Packages: 8,948
Repositories: 2
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
parse-server
31
electron
26
directus
26
@openzeppelin/contracts-upgradeable
21
@openzeppelin/contracts
20
next
18
sequelize
16
tinymce
16
ghost
15
ckeditor4
15
swagger-ui
14
undici
13
joplin
13
strapi
13
angular
13
vm2
12
handlebars
11
TinyMCE
11
tinymce/tinymce
11
marked
11
nodebb
11
flowise
10
matrix-js-sdk
10
nocodb
10
bootstrap
10
org.webjars:bootstrap
9
bootstrap
9
@evershop/evershop
9
@strapi/strapi
9
serve
9
matrix-react-sdk
9
next-auth
9
bootstrap
9
twbs/bootstrap
9
tar
8
systeminformation
8
node-forge
8
validator
8
editor.md
8
url-parse
8
steal
8
jquery
8
org.webjars.npm:jquery
8
jquery-rails
8
npm
8
matrix-appservice-irc
8
jsrsasign
8
express-cart
8
urijs
8
bootstrap-sass
7
hermes-engine
7
lunary
7
shescape
7
snyk-broker
7
uptime-kuma
7
bootstrap.sass
7
jQuery
7
vite
7
total.js
7
sanitize-html
7
org.webjars.npm:jquery-ui
7
jQuery.UI.Combined
7
lodash
7
jquery-ui-rails
7
hapi
7
elliptic
7
jquery-ui
7
bootstrap-sass
6
aaptjs
6
dompurify
6
parse-url
6
@strapi/plugin-users-permissions
6
safe-eval
6
rsshub
6
sweetalert2
5
openpgp
5
ua-parser-js
5
public
5
vditor
5
rendertron
5
dojo
5
mattermost-desktop
5
prismjs
5
keystone
5
ejs
5
mysql2
5
yarn
5
axios
5
ws
5
total4
5
@saltcorn/server
5
mongoose
5
xlsx
5
mermaid
5
lodash-es
5
moment
4
ecstatic
4
generator-jhipster
4
mongo-express
4
realms-shim
4
auth0-js
4
@backstage/plugin-scaffolder-backend
4
vega
4
apostrophe
4
remarkable
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
safer-eval
4
simple-git
4
aws-iot-device-sdk-v2
4
awsiotsdk
4
express
4
fast-xml-parser
4
auth0-lock
4
hono
4
muhammara
4
simple-markdown
4
jsonwebtoken
4
engine.io
4
materialize-css
4
fastify
4
@keystone-6/core
4
apollo-server-core
4
convert-svg-core
4
follow-redirects
4
hummus
4
@lobehub/chat
4
meshcentral
4
glance
4
katex
4
qs
4
valine
4
code-server
3
braces
3
send
3
raneto
3
ag-grid-community
3
@directus/api
3
keycloak-connect
3
buttle
3
jspdf
3
json-ptr
3
node-jose
3
nodemailer
3
mixme
3
locutus
3
mathjs
3
ftp-srv
3
immer
3
@strapi/utils
3
parsel
3
libxmljs
3
slpjs
3
@frangoteam/fuxa
3
xmldom
3
renovate
3
socket.io-parser
3
object-path
3
socket.io-file
3
serialize-to-js
3
node-fetch
3
ids-enterprise
3
froala-editor
3
django-tinymce
3
browserify-shim
3
@cubejs-backend/api-gateway
3
node-ipc
3
@uppy/companion
3
yapi-vendor
3
passport-wsfed-saml2
3
@strapi/plugin-content-manager
3
nadesiko3
3
@soketi/soketi
3
stimulsoft-dashboards-js
3
connect
3
@janhq/core
3
@jmondi/url-to-png
3
@sveltejs/kit
3
sails
3
bson
3
simplehttpserver
3
wrangler
3
mysql
3
socket.io
3
localhost-now
3
ses
3
lodash.defaultsdeep
3
dset
3
dojox
3
convict
3
protobufjs
3
highcharts
3
@materializecss/materialize
3
@backstage/techdocs-common
3
fuxa-server
3
uap-core
3
llhttp
3
jointjs
3
tough-cookie
3
n8n
3
@ckeditor/ckeditor5-markdown-gfm
3
Filter by Repository