CVE-2025-58064
- EPSS 0.11%
- Published 03.09.2025 22:02:53
- Last modified 04.09.2025 15:35:29
CKEditor 5 is a modern JavaScript rich-text editor with an MVC architecture. ckeditor5 and ckeditor5-clipboard versions 46.0.0 through 46.0.2 and 44.2.0 through 45.2.1 contain a Cross-Site Scripting (XSS) vulnerability. Ability to exploit could be tr...
CVE-2025-25299
- EPSS 0.36%
- Published 20.02.2025 20:15:46
- Last modified 20.02.2025 20:15:46
CKEditor 5 is a modern JavaScript rich-text editor with an MVC architecture. During a recent internal audit, a Cross-Site Scripting (XSS) vulnerability was discovered in the CKEditor 5 real-time collaboration package. This vulnerability affects user ...
CVE-2024-45613
- EPSS 0.05%
- Published 25.09.2024 14:15:05
- Last modified 01.10.2024 22:15:02
CKEditor 5 is a JavaScript rich-text editor. Starting in version 40.0.0 and prior to version 43.1.1, a Cross-Site Scripting (XSS) vulnerability is present in the CKEditor 5 clipboard package. This vulnerability could be triggered by a specific user a...
CVE-2021-21254
- EPSS 0.41%
- Published 29.01.2021 22:15:14
- Last modified 21.11.2024 05:47:52
CKEditor 5 is an open source rich text editor framework with a modular architecture. The CKEditor 5 Markdown plugin (@ckeditor/ckeditor5-markdown-gfm) before version 25.0.0 has a regex denial of service (ReDoS) vulnerability. The vulnerability allowe...