Cksource: >> Ckeditor >> 1.0.4 Security Vulnerabilities
A Cross-Site scripting vulnerability has been found in CKSource CKEditor affecting versions 4.15.1 and earlier. An attacker could send malicious javascript code through the /ckeditor/samples/old/ajax.html file and retrieve an authorized user's information.
CVSS Score
6.1
EPSS Score
0.199
Published
2023-11-16
The ckeditor-for-wordpress plugin before 4.5.3.1 for WordPress has reflected XSS in the "built-in (old)" file browser.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-08-27