CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Webspellchecker: >> Webspellchecker >> 5.5.7.4 Security Vulnerabilities

CVE-2020-9440

A cross-site scripting (XSS) vulnerability in the WSC plugin through 5.5.7.5 for CKEditor 4 allows remote attackers to run arbitrary web script inside an IFRAME element by injecting a crafted HTML element into the editor.

CVSS Score

6.1

EPSS Score

0.005

Published

2020-03-10

Page 1

Vulnerabilities

Vulnerable Software

Webspellchecker: >> Webspellchecker >> 5.5.7.4 Security Vulnerabilities

Products

Pricing

Contact Us