Package impact

RubyGems / ckeditor

critical high medium low unknown

0

KEV Has exploit

CVE	Severity	CVSS	Risk	Published	Description	Impact
CVE-2021-33829	high	—	8.0	5y ago	ckeditor4 vulnerable to cross-site scripting	+1
CVE-2021-41165	medium	—	5.5	5y ago	HTML comments vulnerability allowing to execute JavaScript code	+1
CVE-2021-41164	medium	—	5.5	5y ago	Advanced Content Filter (ACF) vulnerability allowing to execute JavaScript code using malformed HTML
CVE-2024-43411	unknown	—	—	2y ago	CKEditor4 low-risk cross-site scripting (XSS) vulnerability linked to potential domain takeover
CVE-2024-43407	unknown	—	—	2y ago	Code Snippet GeSHi plugin in CKEditor 4 has reflected cross-site scripting (XSS) vulnerability
CVE-2023-4771	unknown	—	—	2y ago	CKEditor cross-site scripting vulnerability in AJAX sample
CVE-2024-24815	unknown	—	—	2y ago	CKEditor4 Cross-site Scripting vulnerability caused by incorrect CDATA detection
CVE-2024-24816	unknown	—	—	2y ago	CKEditor4 Cross-site Scripting vulnerability in samples with enabled the preview feature
CVE-2020-27193	unknown	—	—	4y ago	Improper Neutralization of Input During Web Page Generation in CKEditor4
CVE-2022-24728	unknown	—	—	4y ago	The Drupal project uses the [CKEditor](https://github.com/ckeditor/ckeditor4) library for WYSIWYG editing. CKEditor has released [a security update that impacts Drupal](https://ckeditor.com/blog/cked…
CVE-2021-26272	unknown	—	—	5y ago	Inclusion of Functionality from Untrusted Control Sphere in CKEditor 4
CVE-2021-32808	unknown	—	—	5y ago	Widget feature vulnerability allowing to execute JavaScript code using undo functionality
CVE-2021-37695	unknown	—	—	5y ago	Fake objects feature vulnerability allowing to execute JavaScript code using malformed HTML.
CVE-2021-32809	unknown	—	—	5y ago	Clipboard feature vulnerability allowing to inject arbitrary HTML into the editor using paste functionality
CVE-2020-9281	unknown	—	—	5y ago	CKEditor 4.0 vulnerability in the HTML Data Processor
CVE-2021-26271	unknown	—	—	5y ago	CKEditor 4 ReDoS Vulnerability