Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

ckeditor — Vulnerabilities & Security Advisories 19

Browse all 19 CVE security advisories affecting ckeditor. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products ckeditor:ckeditor4ckeditor5
CVE IDTitleCVSSSeverityPaused
CVE-2026-28343 CKEditor: Cross-site scripting (XSS) in the HTML Support package — ckeditor5CWE-79 6.4 Medium2026-03-05
CVE-2025-58064 CKEditor is susceptible to Cross-Site Scripting (XSS) through its clipboard package — ckeditor5CWE-79 6.1AIMediumAI2025-09-03
CVE-2025-25299 Cross-site scripting (XSS) in the real-time collaboration package — ckeditor5CWE-79 6.1 -2025-02-20
CVE-2024-45613 CKEditor 5 has Cross-site Scripting vulnerability in the clipboard package — ckeditor5CWE-79 6.1AIMediumAI2024-09-25
CVE-2024-43411 CKEditor4 has a low risk cross-site scripting (XSS) vulnerability from domain takeover — ckeditor4CWE-79 3.1 Low2024-08-21
CVE-2024-43407 Code Snippet GeSHi plugin has reflected cross-site scripting (XSS) vulnerability — ckeditor4CWE-79 6.1 Medium2024-08-21
CVE-2024-24816 Cross-site scripting (XSS) vulnerability in samples with enabled the preview feature — ckeditor4CWE-79 6.1 Medium2024-02-07
CVE-2024-24815 CKEditor4 Cross-site scripting (XSS) vulnerability caused by incorrect CDATA detection — ckeditor4CWE-79 6.1 Medium2024-02-07
CVE-2023-28439 ckeditor4 plugins vulnerable to cross-site scripting caused by the editor instance destroying process — ckeditor4CWE-79 4.7 Medium2023-03-22
CVE-2022-31175 Cross-site scripting caused by the editor instance destroying process in ckeditor5 — ckeditor5CWE-79 5.8 Medium2022-08-03
CVE-2022-24729 Regular expression Denial of Service in dialog plugin — ckeditor4CWE-400 6.5 Medium2022-03-16
CVE-2022-24728 Cross-site Scripting in CKEditor4 — ckeditor4CWE-79 5.4 Medium2022-03-16
CVE-2021-41165 HTML comments vulnerability allowing to execute JavaScript code — ckeditor4CWE-79 8.2 High2021-11-17
CVE-2021-41164 Advanced Content Filter (ACF) vulnerability allowing to execute JavaScript code using malformed HTML — ckeditor4CWE-79 8.2 High2021-11-17
CVE-2021-37695 Execution of JavaScript code using malformed HTML in ckeditor — ckeditor4CWE-79 7.3 High2021-08-12
CVE-2021-32809 Arbitrary HTML injection vulnerability in ckeditor — ckeditor4CWE-94 4.6 Medium2021-08-12
CVE-2021-32808 Cross-site scripting in ckeditor via abuse of undo functionality — ckeditor4CWE-79 7.6 High2021-08-12
CVE-2021-21391 Regular expression Denial of Service in multiple packages — ckeditor5CWE-400 6.5 Medium2021-04-29
CVE-2021-21254 Regular expression Denial of Service in Markdown plugin — ckeditor5CWE-400 6.5 Medium2021-01-29

This page lists every published CVE security advisory associated with ckeditor. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.